Improved privacy protection
Malware email authors such as spammers and corporations use bugged email to track actions like opening a message or clicking on links. HTML email with embedded remote resources such as images are used to track messages being opened, and utm_* query param URLs on both HTML and plain text links to track when people visit a link. Geary currently offers some protection against link spoofing and remote image loading, but these could both be improved.
For remote image loading, if someone enables remote image loading for a gmail sender, then Google's 1px image bug is loaded every time. When clicking on links, utm_* and other known tracking param are still sent to the browser, and shortened URLs hide the true destination of the link.
Some ways Geary could improve on this include:
- Verify sender addresses using DMARC/DKIM/SPF+ before allowing remote images to be loaded (#134)
- Provide a means of blocking remote resource loading for specific domains, in addition to blocking un-trusted senders
- Strip tracking param from links when opened
- Ensure the Do Not Track header is added to outgoing HTTP requests
- (Maybe) Expand links from known short-link providers to display and allow clicking through to the actual link.
- Improve remote resource loading blacklisting (#319)
- Other things?
Also, Geary needs to provide fallbacks in the cases where it gets it wrong, e.g. being able to open the full URL if a utm param is actually required to load the link.