[Alpine-info] Privacy Related Information Leak Mitigation Feature
Requests
via Alpine-info
alpine-info at u.washington.edu
Thu Jun 13 05:12:36 PDT 2024
Greetings alpine-info mailing list!!
Some time ago when Mr Chappa was adding oauth2 support for Alpine and had been working on a privacy policy for it he made an interesting comment:
> Date: Thu, 11 Jun 2020 14:05:59 -0600 (MDT)
> From: Eduardo Chappa <alpine.chappa at yandex.com>
> To: Andrew C Aitchison <andrew at aitchison.me.uk>
> In-Reply-To: <alpine.DEB.2.22.394.2006020757430.15177 at warden.aitchison.me.uk>
> Message-ID: <alpine.LNX.2.22.439.2006111239040.9525 at linux-aknz>
> References: <alpine.DEB.2.22.394.2006020757430.15177 at warden.aitchison.me.uk>
> Cc: alpine-info at u.washington.edu
> Subject: Re: [Alpine-info] Microsoft Outlook "Modern Authentication"
>
> - SNIPPED -
> In addition, Alpine discloses its name and version to IMAP servers that support the ID extension. I put this in a separate category of privacy disclosure. I think this information is valuable for the server maintainers, because it establishes our presence (in other words, it tells the ownser of the server that there are users using Alpine, and so they need to support us.)
> - SNIPPED -
Does Mr Chappa still maintain this position or would he reconsider and maybe make this feature something that you can change or opt out of even disclosing at all as there are practical benefits too.
It can help work around buggy IMAP servers as seen here:
https://support.mozilla.org/si/questions/1275339 - How do I fix "Unrecognized command: ID" | Thunderbird Support Forum | Mozilla Support
Another possible privacy related information leak can be found in the way that Alpine can send your host in the SMTP EHLO or HELO greeting.
Can another option you can use to change it be added to handle this problem?
Or maybe Alpine can send a more generic host such as [192.168.1.1] with an opt out option instead?
These changes would help mitigate the last low hanging fruit privacy leaks in Alpine that I am aware of?:
- IMAP
> Current mitigations:
>
> ?
>
> Todo: add Suppress IMAP ID When Connecting option ?
- NNTP
> Current mitigations:
>
> v2.26 added:
> * To protect the privacy of a user, the message-id of a message will be generated using the domain in the From field of the message.
>
> v2.24 added:
> * Modifications to protect the privacy of users:
> + Alpine uses the domain in the From: header of a message to generate a message-id and suppresses all information about Alpine, version, revision, and time of generation of the
> message-id from this header. This information is replaced by a random string.
>
> [ News Preferences ]
> [X] Hide NNTP Path (NNTP)
>
> [ Advanced User Preferences ]
> [X] Scramble the Message-ID When Sending (SMTP)
> [X] Suppress User Agent When Sending (SMTP)
>
> Todo: None ?
- POP3
> Current mitigations:
>
> ?
>
> Todo: None ?
- SMTP
> Current mitigations:
>
> v2.26 added:
> * To protect the privacy of a user, the message-id of a message will be generated using the domain in the From field of the message.
>
> v2.24 added:
> * Modifications to protect the privacy of users:
> + Alpine uses the domain in the From: header of a message to generate a message-id and suppresses all information about Alpine, version, revision, and time of generation of the
> message-id from this header. This information is replaced by a random string.
>
> [ Sending Preferences ]
> [X] Do Not Generate Sender Header (SMTP)
>
> [ Advanced User Preferences ]
> [X] Scramble the Message-ID When Sending (SMTP)
> [X] Suppress User Agent When Sending (SMTP)
>
> Todo: add Change SMTP EHLO or HELO Greeting and or Use Generic SMTP EHLO or HELO Greeting option ?
I became interested in seeing these issues fixed after reading this article which also notes other possible issues:
https://explained-from-first-principles.com/email/#sender-towards-recipients - Email explained from first principles
More information about the Alpine-info
mailing list