On Sat, 11 Nov 2023, Bjoern Franke via mailop wrote:
Hi,
... I have not been aware of the fact that *ALL* apps actually might be
doing this.
It was just recently that I looked for alternative iOS mail apps - and
"phoning home" credentials got noted only for the Spark app.
This seems to be not restricted to iOS apps. Recently I tried "Blue Mail"
on Android and after logging in a contabo box connected to my IMAP server.
Even after uninstalling the app, the connection stayed, so I changed the
credentials.
I guess we need to look at ClientID
https://datatracker.ietf.org/doc/draft-storey-smtp-client-id/ (SMTP)
https://datatracker.ietf.org/doc/draft-yu-imap-client-id/ (IMAP)
and OAuthBearer RFC7628
to see whether either or both could help us identify the incoming
client sessions ?
--
Andrew C. Aitchison Kendal, UK
and...@aitchison.me.uk
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
