git.notmuchmail.org Git - notmuch/commit

author	Daniel Kahn Gillmor <dkg@fifthhorseman.net>
	Mon, 8 Aug 2016 23:35:17 +0000 (19:35 -0400)
committer	David Bremner <david@tethera.net>
	Thu, 11 Aug 2016 11:16:00 +0000 (20:16 +0900)
commit	1ba73d1437202b9ae3c2cff6d20dbe92fcacf053
tree	4eecd31f18a95560e2394a4973ee429848c9fa59	tree \| snapshot
parent	188fccd84fc53f44f38a4b184383d63f2c58b5e3	commit \| diff

Omit User-Agent: header by default

The User-Agent: header can be fun and interesting, but it also leaks
quite a bit of information about the user and their software stack.

This represents a potential security risk (attackers can target the
particular stack) and also an anonymity risk (a user trying to
preserve their anonymity by sending mail from a non-associated account
might reveal quite a lot of information if their choice of mail user
agent is exposed).

This change also avoids hiding the User-Agent header by default, so
that people who decide they want to send it will at least see it (and
can edit it if they want to) before sending.

It makes sense to have safer defaults.

emacs/notmuch-mua.el		diff \| blob \| history
test/T310-emacs.sh		diff \| blob \| history