
why is this a serious privacy hole?


It is my understanding that this is a way for spammers to fish out legitimate email addresses. If the content is pulled from the server, the email address must be real.

At least, this is what I tell my clients when recommending turning off HTML content from untrusted email sources.


Correct. If I send a specially formatted email to an iPhone or Apple Mail user and they read it, completely transparently to them, I will get "notification" of when they read it and what IP address they read it from. Even if they tell their client to not load remote images and to not honour read receipts.


And then they just put it in the spam folder, and what do you do with this information (they read it from this IP)? Sure, you know that email address is live and active, but what good is that info?


There's a million different uses. I could send an email to my friend and figure out if they're at home on their wifi or if they're out and using 3G. It's a general privacy issue.


Actually, they make the request to a unique URL which is tied to your email address and that particular "campaign", letting the sender know that you opened and read the email — and that you're probably a good person to send loads more spam to.
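
As an added illustration (not part of the thread or any commenter's code), the per-recipient URL tracking described in the comment above can be spotted on the receiving side by listing the remote resources an HTML message would fetch when rendered and flagging URLs that carry a long opaque token or the recipient's address. The function name, attribute list, token heuristic and sample message are assumptions made for this example.

```python
import re
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import parse_qsl, urlsplit

# Attributes a mail client may fetch automatically while rendering (not exhaustive).
AUTO_LOAD = {("img", "src"), ("link", "href"), ("iframe", "src"), ("video", "poster"),
             ("audio", "src"), ("body", "background"), ("td", "background")}
TOKEN = re.compile(r"[A-Za-z0-9_-]{16,}")  # heuristic: long opaque identifier

class _Collector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.urls = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            url = (value or "").strip()
            if (tag, name) in AUTO_LOAD and url.lower().startswith(("http://", "https://", "//")):
                self.urls.append((tag, url))

def find_remote_fetches(raw_message, recipient):
    """Return remote resources in the HTML part and whether each looks per-recipient."""
    msg = message_from_string(raw_message, policy=policy.default)
    part = msg.get_body(preferencelist=("html",))
    if part is None:
        return []
    collector = _Collector()
    collector.feed(part.get_content())
    findings = []
    for tag, url in collector.urls:
        parts = urlsplit(url)
        values = [v for _, v in parse_qsl(parts.query)] + parts.path.split("/")
        unique = any(TOKEN.search(v) or recipient.lower() in v.lower() for v in values)
        findings.append({"tag": tag, "host": parts.hostname, "per_recipient": unique})
    return findings

# Constructed sample message; hosts and token are made up for this example.
SAMPLE = """\
From: news@sender.example
To: alice@example.org
Content-Type: text/html; charset="utf-8"

<html><body>
<img src="https://static.sender.example/logo.png" width="200">
<img src="https://t.sender.example/o/c42/9f8a7b6c5d4e3f2a1b0c9d8e.gif" width="1" height="1">
</body></html>
"""
```

The token check is a heuristic and will also flag long static filenames; it is a triage aid for deciding which senders' remote content to block, not a complete tracker detector.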


The problem of spam email is largely solved though for people who are using the right tools.

I don't see it as a big deal personally if a sender of email finds out if it was opened or not.


Regardless of how good spam filters are today, not opening the emails leaves you with less spam, and a lower chance of false positives/negatives in the long term.



