Hi, My autoconfig setup works, but the endpoint K-9 seems to request when getting autoconfig is /mail/config-v1.1.xml and not /mail/config-v1.1.xml?emailaddress=user@mydomain.com. The latter is used in the Thunderbird desktop client. Is there something wrong with my K-9 setup or does K-9 not support the mentioned url endpoint yet? If not supported, do you plan on supporting this url in the future and if so when? All the best.
This was done deliberately. We don’t want to send the email address to the autoconfig server without the user’s explicit consent.
Not sending the email address works most of the time because for many providers the config is just a static file. Having K-9 Mail not send the email address is a way for us to find out what providers currently depend on the email address being sent.
Are you running your own autoconfig server? If so, do you really need email address-specific settings?
Now I feel like Jim Carrey in the 1997 (oh, that’s old) movie “Liar, Liar”. I probably do not “re-he-he ally need” the email address, just that I went with the “preferred” Thundbird style and have made a couple of small scripts to support the endpoint. I have a small amount of system users who could be handled through a script, as the username is not the same as their email addresses. But I could prob set up aliases. Thanks for you answer. Also not sure if Apple Mail and advanced Outlook needs specific setup, but that for later. Thanks for the reply. Much appreciated.
We want to change autoconfig to make it possible for a server to request the email address via a special response. That way clients can ask the user for explicit consent in the rare cases when an email address is necessary, but use the more privacy friendly default of not sending the email address.
However, this requires changes to both clients and servers. We’ve created a “mailing list” where we want to announce such changes in the future. As someone implementing autoconfig on the server-side, you probably want to regularly check or join the Autoconfig topicbox.
2 Likes
We are a provider currently that depend on the email address being sent.
It is quite regrettable that this feature was disabled deliberately in K-9 Mail causing more headache to end-users, and without much notice or information to them.
That you want to change autoconfig to make it possible for a server to request the email address via a special response and transmit the email address in a more authorised and secure way (POST over HTTPS) is an excellent idea but until that is concretely implemented, the current auto-config that works fine till now should remain enabled and usable by default.
Currently Thunderbird desktop client still allows it. And it is essentials in our case where the username differs from the email address needs to be detected correctly for autoconfiguration as well as other settings.
Without it, you make it much more complicated than it should for end-users to setup their email account! No longer user friendly…
You could already setup a consent UI form to prompt end-users for their authorisation while waiting for a better auto-configuration implementation client and server side in the future. This would not force end-users to proceed one way or another but let them choose and decide to run auto-config and transmit their email address or not and configure manually. This way it may also allow you to gather statistics on which provider rely on the feature without much impacting end-users. Wouldn’t it be a better way?!
Currently the topicbox seems empty and requiring approval to join Topicbox
K-9 Mail never had this feature. Automatic setup didn’t work for your users in old versions of K-9 Mail. Now that we switched to using (a reduced version of) Autoconfig, it apparently still doesn’t work. I don’t see how that’s “more headache to end-users”. The situation for your users hasn’t changed at all.
One could argue that you’re making your users’ lives hard by not allowing the email address to be used as the username. Not every email client supports Autoconfig (including sending the email address). So some of your users always have the problem that they need to manually find the username to their email address.
But if you can automatically do the mapping during Autoconfig, you could also automatically do it before authentication. I realize this would require changes to your infrastructure. But it would benefit all users not using an Autoconfig client that sends the email address.
We’d then have to always ask for consent. That’s especially frustrating for users when after giving consent server settings can’t be found automatically because the provider doesn’t support Autoconfig.