Proton states that they hide the sender's IP address when sending mail via webapp. However, they say that the IP may be visible if the sender uses Thunderbird instead.
The email headers of messages sent from Proton Mail web and mobile apps don’t contain user IP addresses in the headers of sent mail.
But desktop email apps that use SMTP, like Outlook or Thunderbird, may include the originating IP address in the header.
Elsewhere, contributors to the Ubuntu forum state that Thunderbird/clients have no control over the headers, which are determined solely by the email provider.
Which is correct?
And is the IP address the only metadata we should be worried about? I wonder if there is metadata which could link the sender to its device?
True if the old default out of the box mail server configuration is used by the email provider.
But email servers can be configured to strip those headers from mail received over the submission port (i.e. local accounts). I have my email server set up this way so the “received from” headers are removed from any email from my users. For debugging purposes, I don’t strip the “received from” headers from incoming mail from other servers.
Anyway, if a service is not stripping the privacy sensitive headers from email submitted by their account holders then I don’t think they are using current best practices and should be called on it.
I’m overall a moderately happy Proton user, but I continue to not understand Andy Yen’s belief that because Microsoft Outlook is potentially headed toward a proprietary mechanism, somehow that makes IMAP - the literal industry standard for this use case - a “third party platform”.
I’d like to think he understands the difference between a client for a particular protocol, and a “platform” that may or may not also incorporate that protocol…ex. Mozilla Thunderbird is not a platform, Gmail is. I’d also like to think they’d be straightforward enough to admit if they’re just trying to slowroll the demise of Proton Mail Bridge, but…maybe that’s unfounded optimism?
It is the SMTP server, not the client, which is responsible for including the IP address. As stated above, even if the client did send such information, Proton could and should strip it away.
If Proton doesn’t, I’m afraid it doesn’t fulfill the minimum requirements to be recommended by Privacy Guides:
Minimum to Qualify:
Protect sender’s IP address, which can involve filtering it from showing in the Received header field.
The recommendation of Proton should therefore be contingent on Proton assuring they protect such identifiable information, and correcting the linked article if it’s incorrect.
I tested also and the IP address was not included.
However, all such tests tell us is that the IP address usually is not included in the header. Proton should give us a guarantee. To cover themselves, they could say “it is not included by default, but may be included if [the exact conditions which would make it included]” instead of “may be included if you use the bridge”. The latter is complete nonsense.
I am of the opinion that utilising VPN services from the router would mitigate any concerns regarding IP leakage when utilising third-party applications for emailing. I checked some of my emails in view source in Thunderbird, and they don’t show a true IP address. To me there is a lot of nothing and fear mongering.
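The header check several posters describe can be scripted against the raw source of a message you sent to yourself. This is an added example, not part of any post in the thread: it searches every header for your own known address and lists headers that describe the sending client. The header list, function names and sample messages are constructed for the example.

```python
import ipaddress
import re
from email import message_from_string

# Headers that describe the sending client or device rather than the route.
# This list is an assumption of the example; providers may add others.
CLIENT_HEADERS = {"user-agent", "x-mailer", "x-originating-ip"}
TOKEN_RE = re.compile(r"[0-9A-Fa-f:.]{3,}")

def addresses_in(value):
    """Yield every IPv4/IPv6 literal found in a header value."""
    for token in TOKEN_RE.findall(value):
        try:
            yield ipaddress.ip_address(token.strip(".:"))
        except ValueError:
            continue  # timestamps, version numbers, hex-looking words

def audit(raw_message, own_addresses):
    """Return sorted (header, detail) findings that tie a message to its sender."""
    own = {ipaddress.ip_address(a) for a in own_addresses}
    findings = set()
    for name, value in message_from_string(raw_message).items():
        value = " ".join(value.split())  # unfold continuation lines
        for ip in addresses_in(value):
            if ip in own:
                findings.add((name, f"sender address {ip}"))
        if name.lower() in CLIENT_HEADERS:
            findings.add((name, value))
    return sorted(findings)

# Constructed samples (documentation address ranges, made-up host names).
BODY = "From: alice@example.net\nTo: bob@example.org\nSubject: test\n\nhello\n"
RELAY_HOP = ("Received: from mx.example.net (mx.example.net [192.0.2.10])\n"
             "\tby mail.example.org; Mon, 1 Jan 2024 10:15:02 +0000\n")
SUBMISSION_HOP = ("Received: from [198.51.100.23] (unknown [198.51.100.23])\n"
                  "\tby smtp.example.net; Mon, 1 Jan 2024 10:15:00 +0000\n")
LEAKY = RELAY_HOP + SUBMISSION_HOP + "User-Agent: Mozilla Thunderbird\n" + BODY
STRIPPED = RELAY_HOP + BODY  # submission hop and client header removed

if __name__ == "__main__":
    for label, raw in (("leaky", LEAKY), ("stripped", STRIPPED)):
        print(label, audit(raw, ["198.51.100.23"]))
```

Pass every address the sending device could have used (IPv4, IPv6, VPN exit) as `own_addresses`; an empty result only covers the addresses and headers that were checked.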