2025.02.01.1

---

• Updated to Phoenix 2025.02.01.1.

• Allowed arkenfox.github.io to use JavaScript in uBlock Origin by default (Useful for testing...)

---

Codeberg: See here for more details.

GitHub: See here for more details.

---

:)

2025.01.30.1

---

• Updated to Phoenix 2025.01.30.1.

• Similar to Phoenix, we now include our own recommended extensions and themes in the Recommendations panel of Add-ons and Themes! See here for details on what extensions are included, why, and the criteria for inclusion. Feel free to make suggestions if we're missing an extension or theme you'd like to see! (Currently only includes DKIM Viewer & uBlock Origin - which we preinstall anyways... ;))

• Ensured that local IP addresses are not leaked via EHLO/HELO... - mail.smtpserver.default.hello_argument -> [127.0.0.1]

• Limited classes that can process incoming data for emails & RSS feeds. - mailnews.display.disallow_mime_handlers & rss.display.disallow_mime_handlers -> 3

• Disabled the automatic collection of email addresses for Thunderbird's Address Book by default. - mail.collect_email_address_outgoing -> false

• Explicitly set preferred address display format to Full name and email address by default. - mail.addressDisplayFormat -> 0

• Emails & RSS feeds will now be viewed in plaintext if possible by default. - mailnews.display.prefer_plaintext & rss.display.prefer_plaintext -> true

• Users are now alerted if BCC (Blind Carbon Copy) alerts haven't been addressed. - mail.compose.warn_public_recipients.aggressive -> true

• Disabled showing preview, sender, and subject in email alerts/notifications by default. - mail.biff.alert.show_preview, mail.biff.alert.show_sender, & mail.biff.alert.show_subject -> false

• Explicitly blocked DKIM Verifier from accessing restricted domains and running in private windows. - (The latter currently only works on Nightly)

• Explicitly enabled SmartBlock - extensions.webcompat.enable_shims, extensions.webcompat.perform_injections, & extensions.webcompat.perform_ua_overrides -> true

• Explicitly disabled legacy XMPP gateways for Facebook, Google, Twitter, and Yahoo... - chat.prpls.prpl-facebook.disable, chat.prpls.prpl-gtalk.disable, chat.prpls.prpl-twitter.disable, & chat.prpls.prpl-yahoo.disable -> true

• Disabled reporting chat status as away when idle by default. - messenger.status.awayWhenIdle -> false

• By default, RSS feeds should now open in your default web browser, instead of Thunderbird. - rss.show.content-base -> 3

• Re-enabled the Geolocation API & stopped blocking geolocation prompts by default, as it is fingerprintable, and Thunderbird doesn't support it anyways (+ it's already covered by our other prefs for defense in depth) - geo.enabled -> true, permissions.default.geo -> 0

• Re-enabled the Web Notifications API & stopped blocking notification prompts by default, as it is fingerprintable, and Thunderbird doesn't support it anyways (+ it's already covered by our other prefs for defense in depth) - dom.webnotifications.enabled -> true, permissions.default.desktop-notification -> 0

• Removed the -CanvasExtractionBeforeUserInputIsBlocked FPP override, as Thunderbird doesn't support permission prompts for canvas data extraction... - privacy.fingerprintingProtection.overrides -> +AllTargets,-CSSPrefersColorScheme,-FrameRate,-HttpUserAgent,-NavigatorUserAgent

• Allowed certain testing websites to use JavaScript in uBlock Origin by default. - abrahamjuliot.github.io, browserleaks.com, deviceinfo.me, & permission.site

• Enabled the ability to report malicious add-ons/themes to Mozilla by default. - extensions.abuseReport.enabled -> true

• Enabled viewing the timezone/offset of senders by default. - mailnews.display.date_senders_timezone -> true

• Enabled showing progress when a message is being saved/sent... - mailnews.show_send_progress -> true

• Enabled the UI toggle for controlling dark theme in the message panel. - mail.dark-reader.show-toggle -> true

• Other minor tweaks and fixes :)

---

Codeberg: See here for more details.

GitHub: See here for more details.

---

:)

2025.01.27.1

FYI: Users who manually installed Dove on macOS or GNU/Linux who used the sudo mv commands from the README are highly recommended to reinstall Dove with the updated steps, due to potential security issues. Thank you to doomedguppy for discovering & reporting this issue on Phoenix, and thank you to @Modaresisofthard for the prompt response and fix.

---

• Updated to Phoenix 2025.01.27.1.

• Installed + hardened DKIM Verifier by default (See details - https://codeberg.org/celenity/Dove/issues/6 - Thanks to @boredsquirrel for the suggestion! 💜

• Disabled macOS Spotlight & the Windows File Indexer by default - mail.spotlight.enable, mail.winsearch.enable, searchintegration.enable -> false, mail.spotlight.firstRunDone & mail.winsearch.firstRunDone -> true

• Permission is now always required for launching external apps. - mail.external_protocol_requires_permission -> true

• Disabled WebRTC by default for attack surface reduction - media.peerconnection.enabled -> false

• Users are now notified when downloads are initiated and completed by default. - browser.download.manager.focusWhenStarting, browser.download.manager.showAlertOnComplete, browser.download.manager.showWhenStarting -> true

• Added additional prefs for sanitizing data on exit - privacy.clearHistory.cookiesAndStorage, privacy.clearOnShutdown.cookies, privacy.clearOnShutdown_v2.cookiesAndStorage, & privacy.clearSiteData.cookiesAndStorage -> true

• Explicitly disable status bar spoofing - dom.disable_window_status_change -> true

• Re-enabled Thunderbird's Password Manager by default, as it's the only way to store account passwords... - OfferToSaveLoginsDefault -> true, signon.rememberSignons -> true

• When saving a message to a file, underscores are now used in the filename instead of spaces by default... - mail.save_msg_filename_underscores_for_space -> true

• Other minor tweaks and fixes :)

---

Codeberg: See here for more details.

GitHub: See here for more details.

---

:)

2025.01.22.1

---

• Updated to Phoenix 2025.01.22.2.

• Preferences are now set in both dove.cfg and dove.js for redundancy, consistency, and defense in depth.

• Build process has been refined and improved to match Phoenix's latest changes.

• Various tweaks, fixes, and clean-up + re-organization.

---

Codeberg: See here for more details.

GitHub: See here for more details.

---

:)

2025.01.20.2

---

• Updated to Phoenix 2025.01.20.2.

• Explicitly enabled a couple more ETP Strict protections - network.cookie.cookieBehavior.optInPartitioning.pbmode & network.cookie.cookieBehavior.trackerCookieBlocking -> true

• Fixed syntax error with policies.json... 😅

---

Codeberg: See here for more details.

GitHub: See here for more details.

---

:)

2025.01.20.1

---

• Updated to Phoenix 2025.01.20.1.

• Upgraded to Phoenix's new approach to fingerprinting protection (https://codeberg.org/celenity/Phoenix/issues/46) with adjustments to meet our needs. Most notably, we disable both Phoenix's & Mozilla's FPP overrides, and stop spoofing the HTTP User Agent header & Navigator User Agent, as this pretends to be Firefox which causes breakage & other undesired behavior in our use case... - privacy.fingerprintingProtection.granularOverrides -> , privacy.fingerprintingProtection.overrides -> +AllTargets,-CanvasExtractionBeforeUserInputIsBlocked,-CSSPrefersColorScheme,-FrameRate,-HttpUserAgent,-NavigatorUserAgent, privacy.fingerprintingProtection.remoteOverrides.enabled -> false, privacy.resistFingerprinting -> false, and privacy.resistFingerprinting.exemptedDomains ->

• Unlocked the majority of preferences we previously had locked, so that users can now override them if desired.

• Similar to Phoenix, we replaced the mail.dove.*.applied prefs with mail.dove.*.status prefs - as this is far cleaner and easy to manage (as well as better organized...)

• Clean-up & reorganization, as well as other minor tweaks, fixes, and enhancements...

---

Codeberg: See here for more details.

GitHub: See here for more details.

---

:)

2025.01.14.1

---

• Updated to Phoenix 2025.01.14.1.

• Fully enabled Bounce Tracking Protection (part of ETP Strict) - privacy.bounceTrackingProtection.mode -> 1

---

Codeberg: See here for more details.

GitHub: See here for more details.

---

:)

2025.01.13.1

---

• Updated to Phoenix 2025.01.13.1.

---

Codeberg: See here for more details.

GitHub: See here for more details.

---

:)

2025.01.12.1

---

• Updated to Phoenix 2025.01.12.1.

---

Codeberg: See here for more details.

GitHub: See here for more details.

---

:)

2025.01.06.1

---

• Updated to Phoenix 2025.01.06.1.

• Updated uBlock Origin to 1.62.0.

• Allowed uBlock Origin to run on 'sites with restrictions' by default. This is currently the behavior on Firefox - but since the Thunderbird version of uBO isn't 'Recommended' by Mozilla, we need to manually set it. - [email protected] -> true

• Set Thunderbird's 'Start Page' to about:config. It's now significantly easier to access the about:config on Thunderbird - simply by navigating to Go -> Mail Start Page in the menu bar, or by pressing Alt + home. - mailnews.start_page.url -> about:config

• Enabled inline spellcheck when composing messages by default. - mail.spellcheck.inline -> true

---

Codeberg: See here for more details.

GitHub: See here for more details.

---

:)