The POP3 support in @k9mail is bad 😢 I'm putting on some band-aids now. But I'm pretty sure we'll remove support for it in the future.

If you're using a POP3 account with K-9 Mail, now is a good time to switch to IMAP or to start looking for a different email app.

@cketti offtopic, but thank you so much for developing k9 for all these years!

@emacsen Yes. But it might be a while before it'll be included in a stable K-9 Mail version.

@cketti Is that because it's problematic for multiple device access and synchronisation (which I can see it wasn't designed for)?

@neildarlow Yes. And we have no desire to support the "download, delete from server, and manage emails locally" approach in K-9 Mail.

@cketti @k9mail I am using POP3 and switched to #Fairmail, but for other reasons (recipient: Using of multiple, comma-seperated email adresses). That Fairmail works very good !

@cketti @k9mail Thanks for your work on #K9! I still use #POP3 for some things but not on mobile devices... I hear that #IMAP can be quite slow with some cheap #email providers though, could that be part of the reason some are interested in such a feature?

@nemobis @k9mail I don't know. But in that case I'd recommend switching email providers rather than using POP3 😃

@cketti @k9mail
Hopefully @purism 's fork decides to actually fix it instead of dropping support, given how awful IMAP is for privacy.

@neneko @cketti Imap is no worse than pop3 privacy wise... you need to trust the server anyhow. Even with pop3 the server admins can happily copy your email or simply hide the message when your client requests the deletion.

@reto @cketti With POP3, you only need to trust that the server admins aren't outright malicious. With IMAP, if the server gets hacked, or the drives are subpoena'd, all your emails are right there in plaintext.

@neneko @reto You could have your mail server encrypt all incoming emails for you. Even some commercial email providers support this option.

@cketti @neneko sure, but you'd *still* be trusting the provider... unless you use an end to end encrypted scheme (say pgp) you always need to trust the admins of the mail server.
The point is that the protocol you use to access the email doesn't really matter

@reto @cketti
I never said that you didn't have to trust the provider. My point is that with IMAP requires a lot more trust, which is worse for privacy.

@neneko @cketti Not necessarily... you can encrypt the files on the imap server just fine. It depends how the encryption is setup though. Some encryption methods just protect against an intruder who doesn't have access to the user DB, others use an encryption key which is encrypted with the users account password. Against a subpoena you'd be out of luck anyhow... that level of access usually means game over

I'm not sure what a subpoena against the provider would do if your emails are only kept on the client. They'd only get like 5 or 10 minutes worth of emails, depending on how frequently your client retrieves them.

@neneko @reto
If we assume point in time snapshots they won't get access to any message contents if emails are properly encrypted[1] on arrival, i.e. the client's poll interval is irrelevant.

[1]: granted, with current solutions the metadata is still available on the server; but that's mainly an ecosystem problem, not a technical necessity

@cketti @neneko @reto I use POP3 with no issues. What's the matter in leaving it as it is now?

@marco @cketti @reto It doesn't actually delete the emails from the server after retrieving them. So it behaves more like IMAP but with none of the benefits.

@neneko @cketti @reto That's not the answer to the question. There are (free) mail provides who do not offer IMAP for free. And most mail users are free mail users, I assume. I like that behavior and finally fetch mails from the desktop.

@marco The app is changing constantly. There's no such thing as leaving POP3 support as it is now and only changing the rest of the app.

@neneko @cketti >I'm not sure what a subpoena against the provider would do if your emails are only kept on the client

Assuming the provider has no way of restoring past email nothing for past emails. However from the point of the subpoena they can force the provider to carbon copy the email to them. So any future email you receive will be in the clear.
Sign in to participate in the conversation

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.