https://bugs.kde.org/show_bug.cgi?id=359964
Bug ID: 359964
Summary: "Kmailleaks", or what to improve to make Kmail more
privacy friendly.
Product: kmail2
Version: 5.1
Platform: Gentoo Packages
OS: Linux
Status: UNCONFIRMED
Severity: wishlist
Priority: NOR
Component: general
Assignee: kdepim-b...@kde.org
Reporter: inf...@openaliasbox.org
As i commented here: https://forum.kde.org/viewtopic.php?f=215&t=130580 Kmail
reveals a lot of personal information that I don't believe is really necessary
to take out of the user computer and launch it to the Internet for ever. This
is what Kmail seems to send -from a mail in my sent mail folder in Kmail 2, the
addresses and IDs have been modified for privacy reasons-:
From: My Name <myemailu...@mymailprovider.com>
To: addres...@othermailprovider.com
Subject: Whatever
Date: Tue, 41 Jul 7093 45:07:87 +0900
Message-ID: <206255.h4EBR3PX5@mylinuxuser-nameofmyPC>
X-KMail-Identity: 1308832047
X-KMail-Dictionary: es_ES
User-Agent: KMail/ (Linux/4.4.0-gentoo; KDE/5.19.0; x86_64; ; )
MIME-Version: 1.0
Content-Transfer-Encoding: 7Bit
Content-Type: text/plain; charset="UTF-8"
I know that some headers are necessary for a correct functioning of mail
protocols, deliveries, and such. But let me ask if the following information is
really necessary:
- Message-ID: <206255.h4EBR3PX5@mylinuxuser-nameofmyPC>
This ID is unique for each message, and as you see, includes my user name and
the name of my machine. I've seen that sending from the webmail page, this same
server adds a Message-ID field too, but it just reads
«6dce92d4g2f5378b431e6gc...@mymailprovider.com», surely the ID is unique too,
but at least there's no info about my mail account's name, and the machine ID
is just my provider's domain. Don't know how difficult may be decipher the
alfanumeric ID, but seems rather more discrete than "blabbermouth" Kmail. If
this ID is really indispensable, couldn't Kmail just use the mail server's
domain, just like the webmail apps do or even an indefined one like
«@localhost», or whatever that keeps users' data safe?
- X-KMail-Identity: 1308832047
When I just begun to pay attention to what was doing Kmail with my personal
data I wasn't sure if those numbers were unique or perhaps were just a code for
Kmail or something like that, something more generic. No, it isn't, is another
unique identifier for each message; as opposed to Message-ID it doesn't leak
the user's nor machine's name though, but being a excluse Kmail identifier I
wonder if it's necessary at all. None of my mail providers' web apps have such
a thing, the only ID they have is Message-ID.
- X-KMail-Dictionary: es_ES
I simply cannot believe that mail providers need to know what's my mother
language, and its regional variation. This iD doesn't anything to do with
character set, it just tells what dictionary I have set for orthographic check,
right? Again no provacy respectful webmail app leaks it.
- User-Agent: KMail/ (Linux/4.4.0-gentoo; KDE/5.19.0; x86_64; ; )
This is the cherry on top of the cake... Operating system, distribution,
desktop environment, version of DE, and CPU's architecture. Why not sending
also the last time I had sex? xD
Ok, jokes apart, I think that's a festival of the "cybergossip". GMX doesn't
send a user agent, neither Gmail does -their web apps, no mail client-, so it
seems clear that such info isn't necessary at all.
So, we have 4 different sources of personal data that are leaked by Kmail and
that help advertisers and governments a lot to make a very detailed
fingerprintof the users. I don't know almost anything about mail protocols, but
3 of them seem not to be necesary at all for a correct functioning. Am I wrong
or Kmail's privacy guarentees could improve a lot? Please, look what GMX web
app sends:
MIME-Version: 1.0
Message-ID:
From:
To:
Subject:
Content-Type: text/html; charset=UTF-8
Date:
Importance: normal
Sensitivity: Normal
X-Priority: 3
X-Provags-ID:
One, only one, Message-ID, out of the 4 identifiers Kmail sends -X-Provags-ID
belongs to the spam filters, I think-. Seems that Kmail could function
perfectly being at least as discrete, no?
I'm not sure about the Content-Type: text/plain; charset="UTF-8" thind, even if
this is leaking the descriptor of my character set, maybe it is necessary to
avoid weird characters in the mesages, am I right?
Reproducible: Always
Steps to Reproduce:
1. Compose a message
2. Send it
3.
Actual Results:
A lot of unnecesary fingerprinting data are leaked.
Expected Results:
Only reveal indispensable data for email communication workd without issues,
and not let other data go out of our computers.
--
You are receiving this mail because:
You are watching all bug changes.
