[MlMt] Domain whitelist for remote content, revisited

Benny Kjær Nielsen mailinglist at freron.com
Thu Feb 23 09:31:43 EST 2017

Previous message: [MlMt] Domain whitelist for remote content, revisited
Next message: [MlMt] Domain whitelist for remote content, revisited
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 22 Feb 2017, at 23:05, Sam Hathaway wrote:

> A while ago I posted asking if there was a way to tell MailMate to 
> load remote content only from specific domains. The rationale here is 
> that, since sender addresses can be easily spoofed, allowing remote 
> content loading based on sender address is not really effective at 
> preventing tracking.

Nevertheless, this is what most users request. I'm considering to build 
in a white-listing feature based on the email address, but I'll then 
combine it with a requirement for some other headers to also match, 
e.g., the `X-Mailer` header. This part could be optional.

(The latest test release includes blacklisting addresses for the 
completion of email addresses in the composer. This is kind of similar 
which is why I've been considering how to improve image blocking again.)

> By allowing loads by source domain, we can effectively control where 
> potential tracking data ends up. (This is one of the few features I 
> miss from Thunderbird.)
>
> Folks suggested that I try using Little Snitch to do this, and so I 
> did. Turns out, Little Snitch is too intrusive when used this way, as 
> it asks about each domain in turn, and I have to allow or deny each 
> one. (And there are *lots* of domains referenced in your average HTML 
> email!)
>
> Thunderbird, in the other hand, uses a popup menu which lists each 
> domain and allows the user to select which they would like to allow 
> content from.

But it's still the same number of domains. If I understand correctly, 
you're just not forced to make a decision about every one of them.

I've always wanted the image-blocking feature to also allow the user to 
see exactly what was blocked. If some kind of popup menu is implemented 
then it wouldn't be far from an implementation similar to Thunderbird.

No promises though.

-- 
Benny
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freron.com/pipermail/mailmate/attachments/20170223/e9c71bdf/attachment-0001.html>

Previous message: [MlMt] Domain whitelist for remote content, revisited
Next message: [MlMt] Domain whitelist for remote content, revisited
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the mailmate mailing list