Feature #6119
audit claws mail
0%
Description
Message-ID
Tails currently sets domain=localhost
in accountrc.tmpl
.
An account created from this template on Tails devel branch (Debian Squeeze, Claws Mail 3.7.6-4) ends up with set_domain=0
and domain=
, and the Message-ID
is generated using the hostname part of the sender’s email address.
Tails 0.6 uses the same Claws Mail version (from Debian backports).
EHLO/HELO
Outgoing EHLO/HELO SMTP commands can also leak private information (see this or-talk thread about it.
According to our tests claws-mail always says EHLO localhost
, whatever value the domain
is set to.
HTML / Javascript
Optional plugins (fancy, dillo, html2, etc.) can render HTML e-mail. Without any of them, claws-mail does basic HTML formatting (e.g. links) by default. The render_html
prefs item, when set to false, fully disables HTML rendering.
Tails currently uses the following HTML-related settings:
render_html=0
invoke_plugin_on_html=0
promote_html_part=0
Resources
- torsocks homepage has some test results about Claws Mail
- blog post about using Claws Mail with torsocks
- the TorifyHOWTO currently only contains information copied from the torsocks homepage, but it’s still worth being watched for updates
Subtasks
History
#2 Updated by intrigeri 2013-07-19 06:15:15
- Subject changed from claws mail to audit claws mail
- Status changed from Confirmed to Rejected
- Parent task set to Feature #5769
We’re going to switch to Icedove instead: Feature #5663.