Mail clients are notorious for sending information not really required for mail conversations.
They leak their identity and version number, sometimes even the operating system in
They leak the locally set time zone in the
And sometimes they leak the private IP addresses during mail sending.
Here I document some settings to hide this information in my preferred mail clients. Note: Hiding this metadata might not be enough to fully disguise your choice of mail clients. The ordering of mail headers was not tackled, behavior with attachments varies equally high and other details disclose the mail client identity.
Thunderbird is a very popular mail client. While it prevents loading external resources by default, there are still improvements to be made.
First off, Thunderbird by default sends a
User-Agent header disclosing its identity.
Up to Thunderbird 102, it sent a
User-Agent similar to web browsers such as Firefox, e.g.
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.12.0.
If you still run such version, you can suppress the
User-Agent header by setting
general.useragent.override in the advanced settings to an empty string.
Since Thunderbird 115, there are two new preferences controlling the User-Agent.
mailnews.headers.sendUserAgent controls if an User-Agent is sent at all.
I recommend setting this to
mailnews.headers.useMinimalUserAgent reduces the User-Agent to
Finally no version number, no operating system, no CPU architecture.
On Arch Linux in a fresh Thunderbird profile, this setting is
true by default.
To hide the time zone, set
Surprisingly, this will not only change the time zone to UTC, but also nullify the seconds in the
This way, time desynchronization of a couple of seconds is obfuscated.
At the same time it might be a vector re-identifying Thunderbird amongst other mail clients.
Additionally, Thunderbird adds a
Content-Language header by default.
You can prevent sending it by setting
Contrary to the other two mail clients in this article, Thunderbird contains telemetry. A great list tackling this problem is available in German at privacy-handbuch.de. Alternatively, you might get happy with the arkenfox user.js fork for Thunderbird from HorlogeSkynet.
Neomutt is a reasonable mail client regarding user privacy. Nonetheless, some improvements are possible.
If you don’t send a human-readable name alongside your email address, neomutt falls back to using your Unix username’s comment field.
To prevent this,
unset gecos_mask in your muttrc file.
By default, neomutt sends timestamps in the local time zone, e.g.
Date: Fri, 08 Sep 2023 14:30:37 -0700.
To always send in the UTC time zone,
unset local_date_header in your muttrc file.
Next, neomutt uses a random base32 string for the
To match the behavior of other popular mail clients such as Thunderbird, set
my_hdr Message-ID: <`uuidgen -firstname.lastname@example.org> in your muttrc.
Remember to re-set this config option whenever you change the hostname for different accounts.
Finally, neomutt uses the value in
$hostname for the EHLO SMTP greeting.
To hide a potential private IP address and match the others,
set hostname = "localhost".
In summary, set these options in your muttrc file:
unset gecos_mask unset local_date_header my_hdr Message-ID: <`uuidgen -email@example.com> set hostname = "localhost"
FairEmail is a modern, privacy respecting mail client for Android. It prevents loading external resources by default and uses IMAP IDLE to instantly notify on new messages without sending your credentials to another server (which is seemingly not standard anymore).
To enhance your privacy, you can avoid sending the fact that you are using FairEmail and how your time zone is currently set by going into its settings. Under the Privacy tab you find the following two settings:
To also hide the local IP address in the SMTP EHLO message, you can set FairEmail to always use
The setting can be found in the advanced identity settings per identity.
For authenticated sending this string shouldn’t matter at all, but is recorded in the
Received mail header.