https://bugs.kde.org/show_bug.cgi?id=359964
Bug ID: 359964 Summary: "Kmailleaks", or what to improve to make Kmail more privacy friendly. Product: kmail2 Version: 5.1 Platform: Gentoo Packages OS: Linux Status: UNCONFIRMED Severity: wishlist Priority: NOR Component: general Assignee: kdepim-b...@kde.org Reporter: inf...@openaliasbox.org As i commented here: https://forum.kde.org/viewtopic.php?f=215&t=130580 Kmail reveals a lot of personal information that I don't believe is really necessary to take out of the user computer and launch it to the Internet for ever. This is what Kmail seems to send -from a mail in my sent mail folder in Kmail 2, the addresses and IDs have been modified for privacy reasons-: From: My Name <myemailu...@mymailprovider.com> To: addres...@othermailprovider.com Subject: Whatever Date: Tue, 41 Jul 7093 45:07:87 +0900 Message-ID: <206255.h4EBR3PX5@mylinuxuser-nameofmyPC> X-KMail-Identity: 1308832047 X-KMail-Dictionary: es_ES User-Agent: KMail/ (Linux/4.4.0-gentoo; KDE/5.19.0; x86_64; ; ) MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="UTF-8" I know that some headers are necessary for a correct functioning of mail protocols, deliveries, and such. But let me ask if the following information is really necessary: - Message-ID: <206255.h4EBR3PX5@mylinuxuser-nameofmyPC> This ID is unique for each message, and as you see, includes my user name and the name of my machine. I've seen that sending from the webmail page, this same server adds a Message-ID field too, but it just reads «6dce92d4g2f5378b431e6gc...@mymailprovider.com», surely the ID is unique too, but at least there's no info about my mail account's name, and the machine ID is just my provider's domain. Don't know how difficult may be decipher the alfanumeric ID, but seems rather more discrete than "blabbermouth" Kmail. If this ID is really indispensable, couldn't Kmail just use the mail server's domain, just like the webmail apps do or even an indefined one like «@localhost», or whatever that keeps users' data safe? - X-KMail-Identity: 1308832047 When I just begun to pay attention to what was doing Kmail with my personal data I wasn't sure if those numbers were unique or perhaps were just a code for Kmail or something like that, something more generic. No, it isn't, is another unique identifier for each message; as opposed to Message-ID it doesn't leak the user's nor machine's name though, but being a excluse Kmail identifier I wonder if it's necessary at all. None of my mail providers' web apps have such a thing, the only ID they have is Message-ID. - X-KMail-Dictionary: es_ES I simply cannot believe that mail providers need to know what's my mother language, and its regional variation. This iD doesn't anything to do with character set, it just tells what dictionary I have set for orthographic check, right? Again no provacy respectful webmail app leaks it. - User-Agent: KMail/ (Linux/4.4.0-gentoo; KDE/5.19.0; x86_64; ; ) This is the cherry on top of the cake... Operating system, distribution, desktop environment, version of DE, and CPU's architecture. Why not sending also the last time I had sex? xD Ok, jokes apart, I think that's a festival of the "cybergossip". GMX doesn't send a user agent, neither Gmail does -their web apps, no mail client-, so it seems clear that such info isn't necessary at all. So, we have 4 different sources of personal data that are leaked by Kmail and that help advertisers and governments a lot to make a very detailed fingerprintof the users. I don't know almost anything about mail protocols, but 3 of them seem not to be necesary at all for a correct functioning. Am I wrong or Kmail's privacy guarentees could improve a lot? Please, look what GMX web app sends: MIME-Version: 1.0 Message-ID: From: To: Subject: Content-Type: text/html; charset=UTF-8 Date: Importance: normal Sensitivity: Normal X-Priority: 3 X-Provags-ID: One, only one, Message-ID, out of the 4 identifiers Kmail sends -X-Provags-ID belongs to the spam filters, I think-. Seems that Kmail could function perfectly being at least as discrete, no? I'm not sure about the Content-Type: text/plain; charset="UTF-8" thind, even if this is leaking the descriptor of my character set, maybe it is necessary to avoid weird characters in the mesages, am I right? Reproducible: Always Steps to Reproduce: 1. Compose a message 2. Send it 3. Actual Results: A lot of unnecesary fingerprinting data are leaked. Expected Results: Only reveal indispensable data for email communication workd without issues, and not let other data go out of our computers. -- You are receiving this mail because: You are watching all bug changes.