From: Daniel Kahn Gillmor To: Notmuch Mail Subject: [PATCH] Omit User-Agent: header by default Date: Mon, 8 Aug 2016 16:42:37 -0400 Message-Id: <1470688957-30562-1-git-send-email-dkg@fifthhorseman.net> X-Mailer: git-send-email 2.8.1 X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Aug 2016 20:42:54 -0000 The User-Agent: header can be fun and interesting, but it also leaks quite a bit of information about the user and their software stack. This represents a potential security risk (attackers can target the particular stack) and also an anonymity risk (a user trying to preserve their anonymity by sending mail from a non-associated account might reveal quite a lot of information if their choice of mail user agent is exposed). This change also avoids hiding the User-Agent header by default, so that people who decide they want to send it will at least see it (and can edit it if they want to) before sending. It makes sense to have safer defaults. --- emacs/notmuch-mua.el | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/emacs/notmuch-mua.el b/emacs/notmuch-mua.el index 1ca8056..f3a4e5a 100644 --- a/emacs/notmuch-mua.el +++ b/emacs/notmuch-mua.el @@ -62,7 +62,7 @@ disabled: this would result in an incorrect behavior.")) (const :tag "Compose mail in a new window" new-window) (const :tag "Compose mail in a new frame" new-frame))) -(defcustom notmuch-mua-user-agent-function 'notmuch-mua-user-agent-full +(defcustom notmuch-mua-user-agent-function nil "Function used to generate a `User-Agent:' string. If this is `nil' then no `User-Agent:' will be generated." :type '(choice (const :tag "No user agent string" nil) 
@@ -73,7 +73,7 @@ disabled: this would result in an incorrect behavior.")) :value notmuch-mua-user-agent-full)) :group 'notmuch-send) -(defcustom notmuch-mua-hidden-headers '("^User-Agent:") +(defcustom notmuch-mua-hidden-headers nil "Headers that are added to the `message-mode' hidden headers list." :type '(repeat string) -- 2.8.1
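Review bot: The new nil default for `notmuch-mua-user-agent-function` in the first hunk changes what gets sent for everyone who never customized the variable, and the diffstat shows only emacs/notmuch-mua.el touched, so nothing outside the commit message records that change. Suggest extending the docstring to say that the default is nil because the header discloses the sender's mail software, and to name `notmuch-mua-user-agent-full` as the value to pick to get the previous behaviour back. The `choice` type already lists nil as "No user agent string", so the type itself needs no change.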
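Review bot: In the second hunk the docstring of `notmuch-mua-hidden-headers` still reads only "Headers that are added to the `message-mode' hidden headers list." and gives no hint that "^User-Agent:" used to be the default entry or why it was dropped. Since the reason for the nil default is that a user who enables the header should see it in the compose buffer before sending, state that in the docstring. It is also worth noting there that a saved customization which still contains "^User-Agent:" keeps hiding the header, because the new default only applies to users who never set the variable.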