Yet the web UI downloads remote images by default.
Granted, it hides your IP address by proxying the request. But it still leaks that the message was read. I used https://www.emailprivacytester.com to test this. No image was fetched until I clicked the email to read it.
> There is no foolproof way to load any remote content without possibly exposing email open information.
Also, this is false. You could download all remote content at time of delivery. That way it would be impossible for a sender to differentiate between an email simply being delivered and one being read.
Even more worrying, I just went into the settings and toggled on "Block remote content" and then sent myself another test through https://www.emailprivacytester.com, and it still triggered a remote content load when I viewed the email.
It's saying that the images were blocked, but that didn't stop them being fetched. Entirely defeating the point of the setting.
My point was that defaults matter, and your default is not privacy preserving. Yet you claim to be a "privacy first" service. There are many email clients which do not download remote content by default. I would argue that they preserve privacy better than Skiff does.
Yes - privacy focused mail providers offer this as an option but do not enable it by default. Mainstream mail providers do not even have it as an option.
Are you joking? I've never even come across an email client or provider that doesn't have options to toggle loading remote images. What mainstream mail providers don't have this option?
The only differences between your option and other providers are:
1. Yours doesn't even work. It still loads the remote images. It just doesn't display them.
2. Yours has the wrong default.
Your "block remote content" option is even worse than just forcibly loading remote images and not even having the option in the first place, because it tricks the user into thinking that it will preserve privacy, like it does for other providers, but it does not preserve privacy in your case as it still loads the images.
No, I'm not joking. We do have this option, and it's consistent with the defaults across private mail providers. Still waiting for your list of the ones that don't load images by default.
It does not load the images. That's just patently false disinfo.
> No, I'm not joking. We do have this option, and it's consistent with the defaults across private mail providers. Still waiting for your list of the ones that don't load images by default.
If you read back, you'll see I wrote email clients and providers. But I'll note that you have not provided a list of clients or providers with privacy defaults that are worse than yours.
> It does not load the images. That's just patently false disinfo.
It absolutely does. You have no idea how your own product works. I literally showed you a tool where you (or anyone else) can verify this yourself in a few minutes: https://www.emailprivacytester.com - By the way, I am the author of this tool, and your email product is the least privacy preserving email product on the market right now.
I'll be blogging this up unless it's acknowledged and fixed.
I assume that once you've fixed the bug you'll be contacting all of your users to let them know that they've been exposed to this privacy flaw. At least the ones that may have disabled remote content at some point.
I just tested Tutanota and it does not have the same bug that Skiff has. I think you must be having trouble understanding what the bug is. In Skiff, even if you choose to not load remote images, when you view an email that has remote images, although it doesn't show the images, it does fetch them. I look at my web server logs, and I can see it happen. Emailprivacytester.com also shows it happen. I have tested this several times now.
I do not know what your difficulty is. Perhaps you should pass this on to somebody more technical than yourself at your organisation who can actually understand and diagnose the problem.
> by default, does not load external content from other servers (pictures and videos in emails). The user can choose to have external content shown with a single click or tap, if they trust the sender.
So there you go. An email company that does not load images by default. Whereas the default setting for Skiff is to load images automatically. So in this respect, Tutanota puts "privacy first" and Skiff doesn't.
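Added example, not part of the thread and not code from any product discussed in it: the difference between an image that is "not displayed" and one that is "not fetched", shown as a sanitiser that rewrites message HTML before it reaches the browser and can be re-run to check that no fetch-triggering remote reference remains. The function names, the `data-blocked-` prefix and the sample message are assumptions made for illustration.

```python
from html import escape
from html.parser import HTMLParser

# Attributes that make a browser issue a request as soon as the markup renders.
# (Assumed scope: stylesheets, <link> and similar are not handled in this sketch.)
FETCH_ATTRS = {"src", "srcset", "background", "poster"}
REMOTE_PREFIXES = ("http://", "https://", "//")

def is_remote(value):
    return value is not None and value.strip().lower().startswith(REMOTE_PREFIXES)

class RemoteContentBlocker(HTMLParser):
    """Re-emit HTML with every remote, fetch-triggering attribute made inert."""
    def __init__(self):
        super().__init__(convert_charrefs=False)
        self.out, self.blocked = [], []

    def _emit(self, tag, attrs, close=""):
        parts = [tag]
        for name, value in attrs:
            inline_url = name == "style" and value and "url(" in value.lower()
            if (name in FETCH_ATTRS and is_remote(value)) or inline_url:
                self.blocked.append(value.strip())
                name = "data-blocked-" + name  # data-* attributes are never fetched
            parts.append(name if value is None else f'{name}="{escape(value)}"')
        self.out.append("<" + " ".join(parts) + close + ">")

    def handle_starttag(self, tag, attrs): self._emit(tag, attrs)
    def handle_startendtag(self, tag, attrs): self._emit(tag, attrs, " /")
    def handle_endtag(self, tag): self.out.append(f"</{tag}>")
    def handle_data(self, data): self.out.append(data)
    def handle_entityref(self, name): self.out.append(f"&{name};")
    def handle_charref(self, name): self.out.append(f"&#{name};")

def block_remote_content(html_body):
    """Return (sanitised_html, list_of_blocked_references)."""
    parser = RemoteContentBlocker()
    parser.feed(html_body)
    parser.close()
    return "".join(parser.out), parser.blocked

# Constructed sample: a 1x1 tracking pixel hidden with CSS plus an inline attachment.
# Hiding the pixel with display:none does not stop the request; removing src does.
SAMPLE = ('<p>Hi &amp; welcome</p>'
          '<img src="https://tracker.example/open.gif?id=123" width="1" '
          'height="1" style="display:none"><img src="cid:logo">')

if __name__ == "__main__":
    sanitised, blocked = block_remote_content(SAMPLE)
    print(sanitised)
    print("blocked:", blocked)
```

Running the sanitiser a second time over its own output and getting an empty blocked list is a cheap regression check that "block remote content" really means no request leaves the client.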