[PATCH] doc: process: add privacy warning when using some SMTP servers
From: sndanailov
Date: Thu Oct 13 2022 - 08:39:44 EST
From: Sotir Danailov <sndanailov@xxxxxxxxxxxxxx>
Warn the user about "Received" headers and how some
SMTP servers use them by attaching the user's IP addresses,
when using some email clients. Add suggestion on how to
test this behavior and how to avoid it.
Signed-off-by: Sotir Danailov <sndanailov@xxxxxxxxxxxxxx>
---
Documentation/process/email-clients.rst | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
diff --git a/Documentation/process/email-clients.rst b/Documentation/process/email-clients.rst
index fc2c46f3f82d..9c49f9b33fdb 100644
--- a/Documentation/process/email-clients.rst
+++ b/Documentation/process/email-clients.rst
@@ -350,3 +350,24 @@ although tab2space problem can be solved with external editor.
Another problem is that Gmail will base64-encode any message that has a
non-ASCII character. That includes things like European names.
+
+Privacy/Security
+----------------
+
+Keep in mind, that even if you're using a working email client, the SMTP
+server might have configurations you don't like.
+
+For example, if you decide to use the Gmail SMTP server with the Thunderbird
+client, the server will add your private and public IPs into "Received"
+headers, which are attached to all of your sent emails. This is done
+to avoid spam and to check where in the routing path an error might have
+occurred. Gmail's web GUI client doesn't add your IPs, because it's sent from
+Google's servers directly, not an external machine. Unfortunately the web
+client is not good for sending patches. You can check if your IPs are present
+in the headers by reading the raw email source.
+
+If you do not wish this behavior, you need to find a provider which doesn't
+do it or configure and host a SMTP server yourself.
+
+If you're concerned, always first send an email to yourself, read the email
+source and if you see no issues, continue to the mailing lists!
--
2.37.3