[Users] Privacy issue (was Webmail support in Claws Mail )

[alb348 at gmail.com]

Andreas Fink (finkandreas at web.de) wrote:*

*>Hm, I don't get the exact problem? Why does claws-mail need to be
 >a browser? Claws-Mail does not even natively support html rendering...

Providing some browser-like functionality, to the minimum extent needed 
to display webmail should not be too much of a problem, I believe.

 >And besides all that, I don't think that a generic webmail login is 
possible. It basically comes down to the steps: 1. Fetch the webmail 
html site 2. Find the Username/Password fields 3. Find the button to 
login The first step is easy to configure, just let there be an entry 
for the URL. The second and third step already seem much harder in a 
generic way. I understand that it is possible, and probably for the 
biggest mail-provider there are really fast solutions, but still it will 
never be a full support for all email provider.

Agreed. Exactly as you say. Nonetheless, integrating within Claws Mail 
the webmail support for at least the big email providers (which account 
for a large chunk of total email use) is a major step in the right 
direction. In any case only *some* webmail servers, like Google (Yahoo 
and Hotmail don't, for instance), obscure the IP address of the 
end-user, so we would not bother to provide support for *all* webmail 
servers. Personally, I would be satisfied with Google's webmail.

 >Could you please explain shortly, why it would be better to open your 
webmail in claws-mail instead of the browser (both, firefox and 
chrome/chromium support password saving mechanisms, so you do not even 
have to type your username/password).

Because for reading, filtering and sorting your incoming emails you 
would still be using Claws Mail in its normal way, with all its 
advantages. Webmail would only come into play when you send out emails. 
With this arrangement, you will have the best of both worlds.
If I remember correctly, some webmail providers will let you synch your 
local email client with emails that you sent from their webmail. So, an 
email sent out via webmail will be downloaded from the server and stored 
into your local email client, under the Sent folder, as if it had been 
sent out via your local email client. This way, you will have your 
complete archive locally available, without having your privacy 
compromised by the SMTP protocol.

 >You couldn't even enjoy the addressbook of claws-mail, since 
claws-mail would never know, which field in your webmail is an 
email-address field and which is the subject field, etc...

Why could it not be done? If a plugin is able to open a webmail account 
and go through authentication procedures (as Thunderbird's add-on can 
already do), why shouldn't be able to intelligently feed data, taken 
from CM's addressbook into the webmail fields?

One smart way of going about it could be:

1) you compose your email in Claws Mail, exactly as you would normally do
2) when you press Send, instead of using the SMTP protocol, Claws Mail 
opens the relavant webmail account
3) it automatically presses Compose within the webmail account and feeds 
the webpage with the data from the email already composed within Claws Mail
4) it sends the email out via the server's webmail

Steps 2, 3 and 4 could be executed in the background. This way, the user 
will experience nothing different from his usual routine.
A copy of the dispatched email will immediately be placed the local Sent 
folder (without even the need to retrieve the email from the server's 
Sent folder and synch your local archive).

Naturally, this requires hard coding work. But I don't see why it should 
not be feasible.

If this is implemented in Claws Mail, the privacy violation inherent in 
SMTP will be circumvented.
With a proper implementation, the solution would be seamless, without 
the user having to pay any price (complexity, confusion, etc).

I hope this helps.