[feat] Allow sending plaintext emails instead of HTML #402

Open
opened 2022-12-27 06:24:05 +00:00 by Ghost · 1 comment

The idea

Akkoma should have the ability to select between sending a plaintext email (Content-Type: text/plain) or an HTML email (text/html), either per-user configuration or globally.

The reasoning

Citing numerous reasons listed in https://useplaintext.email/#why-plaintext:

  • HTML makes it easier for phishing
  • Most HTML emails have a bad rep for containing tracking pixels/images and tracking URLs behind the actual URL you want to go to
  • It's unnecessarily complex web tech for simply receiving things like digest notifications or password reset emails
  • Very significant attack surface and a security nightmare
  • Not as good accessibility compared to plain text emails due to formatting nightmares
  • Terminal email clients don't render HTML emails 100% properly unless they're specifically written like a plaintext email, in which case why isn't the email being sent as plaintext in the first place?
  • And rich text is pointless for simple things like password resets, digests, etc.

Plaintext emails are also less likely to be classified as spam which helps tremendously if you're self hosting email and you want to reach as many servers as possible.

Given fedi culture, it's not unlikely to see someone using a terminal email client or self hosting email.

Have you searched for this feature request?

  • I have double-checked and have not found this feature request mentioned anywhere.
  • This feature is related to the Akkoma backend specifically, and not pleroma-fe.
### The idea Akkoma should have the ability to select between sending a plaintext email (Content-Type: text/plain) or an HTML email (text/html), either per-user configuration or globally. ### The reasoning Citing numerous reasons listed in https://useplaintext.email/#why-plaintext: - HTML makes it easier for phishing - Most HTML emails have a bad rep for containing tracking pixels/images and tracking URLs behind the actual URL you want to go to - It's unnecessarily complex web tech for simply receiving things like digest notifications or password reset emails - Very significant attack surface and a security nightmare - Not as good accessibility compared to plain text emails due to formatting nightmares - Terminal email clients don't render HTML emails 100% properly unless they're *specifically written* like a plaintext email, in which case why isn't the email being sent as plaintext in the first place? - And rich text is pointless for simple things like password resets, digests, etc. Plaintext emails are also *less* likely to be classified as spam which helps tremendously if you're self hosting email and you want to reach as many servers as possible. Given fedi culture, it's not unlikely to see someone using a terminal email client or self hosting email. ### Have you searched for this feature request? - [x] I have double-checked and have not found this feature request mentioned anywhere. - [x] This feature is related to the Akkoma backend specifically, and not pleroma-fe.
Ghost added the
feature request
label 2022-12-27 06:24:05 +00:00

This just happened to bite me. My instance's mail got spamfiltered for being HTML only.

This just happened to bite me. My instance's mail got spamfiltered for being HTML only.
Sign in to join this conversation.
No milestone
No project
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: AkkomaGang/akkoma#402
No description provided.