Currently I’m finetuning my chatmail relay configuration and I’m curious, if the parameterdelete_inactive_users_after might also have consequences for regular users, who haven’t deleted their account, but do not start the app from time to time (which I can say from practice happens with Telegram users from time to time as well).
So from my understanding this would mean if someone installed Delta Chat on his phone and started chatting with a single person, the last_login timestamp is being set to this very moment. Then the phone kills the app from running in the background (just an example) and the person does not start Delta Chat by hand after that. Now the period of time set in delete_inactive_users_after passes by.
Will the persons account be deleted from the server then? And what are the consequences? Will they get a notification if they open the app later? Will they be unable to login? Will there be a way to “recover” the account?
If the account gets deleted after this period of time I think it would be very important for server admins to KNOW about this. Because they might want abandoned/deleted accounts to be purged fast, so they might set it to a very short phase, but they might not want to force their users to have to start the app every let’s say 7 days to keep their account alive. So this configuration parameter should be paid greater attention at.
Otherwise this could lead to frustration on user side which is indeed no boost for Delta Chats reputation amongst “ordinary users” who don’t really understand the technical background (or don’t know it because the chatmail relay admin did not tell them before creating an account).
better not to change the default of 90 days, having accounts in the server costs you nothing, after 20 days all messages will be deleted so the inbox will use almost no space
when the person gets back after 90 days, the account will recreated automatically when their Delta Chat client attempts to login so they will not even notice any problem, some messages might be lost since anything older than 20 days get purged and when the account is deleted no new emails are stored
Hm that’s an interesting thought. But is that a realistic problem? The default configuration creates a 9 char prefix for the addresses so with alphanumeric characters (26 letters + 10 numbers) this would mean we have 9^36 combinations making a total of roughly 2.25 * 10^34 combinations.
I agree with you that a combination which was given before and where still messages arrive can be a privacy problem – but if my calculation was right the chance for a match is really really small.
That’s interesting. Can you prove this somehow or where do you know that from? So from what you are saying there would be absolutely no problem to set delete_inactive_users_after to a small timeframe as “active devices” will always keep their account – at least if the account on the server has been deleted in the meantime (and therefore no new messages will arrive which you already mentioned). Is that right?
That’s another interesting thought – maybe I should differ between accounts and accounts+mails where only the latter take up space.
It is possible to create an account with a specific e-mail address just by logging into it:
However, a putative troll will not have the private keys of the former user of that account, so they can block, but not MITM or impersonate (unless talking to someone using Autocrypt’s trust-on-each-use and not DC’s out-of-band key verification).
Having multiple relays on a profile makes it hard for a troll to block you!
This is also not a big deal with multi-relay as if you have not logged in for 90 days, your address was deleted and someone took over it on purpose, you can recover by adding a new relay and moving to a different address. Someone who took over your address will get undecryptable mails that are meant for you which is a bit of data, and you will miss some of the newer messages (older would be deleted anyway by this time), but that is not fatal. You will still be able to reach all your contacts.
Not suggesting reducing the setting below 90, I also think keeping empty accounts is cheap for the server.
I would think that this is considered “simple” only if you are a pro.
For a common person, I’m not sure whether the Delta Chat error message would be helpful to start investigating the root cause for them, let alone finding out how to work around the problem.
The definition of trolling is doing something for much less effort than it is required to mitigate it.
Just a remark that this susceptibility was present for years before the plausible mitigation that you mention became available just recently.
In comparison, many service providers (including for email) declare to never allow registration of the same account name after it was decommissioned by its former user. In light of this, increasing the 90 day inactivity timeout to 365 days wouldn’t be far fetched either.
And really good to know that! Thanks for clarifying 
