CHEF-KOCH's Microblog ✨

Mozilla Thunderbird user.js hardening

Mozilla Thunderbird 91.9.0

Same like the Firefox version, Thunderbird can be hardened via user.js. I update it for each new stable version.

I highly suggest only using uBlock with Thunderbird and that is it.

You can add some additional add-ons to expand some features that Thunderbird already offers but less is more and Thunderbird add-ons are in general less often updated than Firefox based ones. They are often outdated, not working with the latest Thunderbird version and maintaining them still seems to be a problem.

This version removes and reduces eMail to the essential, means plain text emails only and absolute no scripting.

Entries are alphabetically sorted.

user_pref("_user.js.cktn", "maxprotect_20220410");

user_pref("beacon.enabled", false);
user_pref("browser.cache.disk.enable", false);
user_pref("browser.cache.offline.enable", false);
user_pref("browser.chrome.favicons", false);
user_pref("browser.chrome.site_icons", false);
user_pref("browser.crashReports.unsubmittedCheck.autoSubmit2", false);
user_pref("browser.display.use_document_fonts", 0);
user_pref("browser.formfill.enable", false);
user_pref("browser.region.update.enabled", false);
user_pref("browser.safebrowsing.blockedURIs.enabled", false);
user_pref("browser.safebrowsing.downloads.enabled", false);
user_pref("browser.safebrowsing.downloads.remote.block_dangerous", false);
user_pref("browser.safebrowsing.downloads.remote.block_dangerous_host", false);
user_pref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false);
user_pref("browser.safebrowsing.downloads.remote.block_uncommon", false);
user_pref("browser.safebrowsing.downloads.remote.enabled", false);
user_pref("browser.safebrowsing.downloads.remote.url", "");
user_pref("browser.safebrowsing.malware.enabled", false);
user_pref("browser.safebrowsing.phishing.enabled", false);
user_pref("browser.search.suggest.enabled", false);
user_pref("browser.search.update", "false");
user_pref("datareporting.healthreport.uploadEnabled", false);
user_pref("datareporting.policy.dataSubmissionEnabled", false);
user_pref("dom.security.https_only_mode", true);
user_pref("extensions.getAddons.cache.enabled", false);
user_pref("extensions.htmlaboutaddons.recommendations.enabled", false);
user_pref("extensions.ui.lastCategory", "addons://list/extension");
user_pref("general.useragent.override", "");
user_pref("gfx.downloadable_fonts.enabled", false);
user_pref("gfx.font_rendering.opentype_svg.enabled", false);
user_pref("javascript.enabled", false);
user_pref("layout.css.visited_links_enabled", false);
user_pref("ldap_2.servers.outlook.dirType", false); // Enable it only if you explicitly need to work with Outlook address book, it causes slow-downs + triggers AVs.
user_pref("mail.chat.enabled", false);
user_pref("mail.cloud_files.enabled", false);
user_pref("mail.collect_email_address_outgoing", false);
user_pref("mail.collect_email_address_outgoing", false);
user_pref("mail.compose.big_attachments.notify", false);
user_pref("mail.default_html_action", 1);
user_pref("mail.html_compose", false);
user_pref("mail.html_sanitize.drop_conditional_css", true);
user_pref("mail.identity.default.compose_html", false);
user_pref("mail.inline_attachments", false);
user_pref("mail.inline_attachments.text", true);
user_pref("mail.openpgp.allow_external_gnupg", true);
user_pref("mail.showCondensedAddresses", false);
user_pref("mail.smtpserver.default.hello_argument", "[127.0.0.1]");
user_pref("mail.strictly_mime", true);
user_pref("mail.tabs.autoHide", true);
user_pref("mail.ui.display.dateformat.thisweek", 4);
user_pref("mailnews.auto_config.fetchFromExchange.enabled", false);
user_pref("mailnews.auto_config.fetchFromISP.sendEmailAddress", false);
user_pref("mailnews.auto_config.fetchFromISP.sendEmailAddress", false);
user_pref("mailnews.auto_config.fetchFromISP.sslOnly", true);
user_pref("mailnews.auto_config.guess.sslOnly", true);
user_pref("mailnews.display.date_senders_timezone", true);
user_pref("mailnews.display.disallow_mime_handlers", 3);
user_pref("mailnews.display.html_as", 1);
user_pref("mailnews.display.prefer_plaintext", true);
user_pref("mailnews.display.show_all_body_parts_menu", true);
user_pref("mailnews.headers.showSender", true);
user_pref("mailnews.headers.showUserAgent", true);
user_pref("mailnews.send_plaintext_flowed", true);
user_pref("mailnews.start_page.enabled", false);
user_pref("mailnews.wraplength", 0);
user_pref("media.autoplay.block-event.enabled", true);
user_pref("media.autoplay.block-webaudio", true);
user_pref("media.ffmpeg.vaapi-drm-display.enabled", false);
user_pref("media.getusermedia.screensharing.enabled", false);
user_pref("media.hardware-video-decoding.enabled", false);
user_pref("media.navigator.enabled", false);
user_pref("media.peerconnection.enabled", false);
user_pref("media.video_stats.enabled", false);
user_pref("network.IDN_show_punycode", true);
user_pref("network.connectivity-service.enabled", false);
user_pref("network.cookie.cookieBehavior", 2);
user_pref("network.dns.disablePrefetch", true);
user_pref("network.http.referer.XOriginPolicy", 2);
user_pref("network.http.sendRefererHeader", 0);
user_pref("network.http.speculative-parallel-limit", 0);
user_pref("network.prefetch-next", false);
user_pref("pdfjs.enableScripting", false);
user_pref("privacy.antitracking.testing", true);
user_pref("privacy.trackingprotection.cryptomining.enabled", true);
user_pref("privacy.trackingprotection.enabled", true);
user_pref("privacy.trackingprotection.socialtracking.enabled", true);
user_pref("rss.display.disallow_mime_handlers", 3);
user_pref("rss.display.html_as", 1);
user_pref("rss.display.prefer_plaintext", true);
user_pref("rss.show.content-base", 1);
user_pref("security.OCSP.enabled", 0);
user_pref("security.cert_pinning.enforcement_level", 2);
user_pref("security.family_safety.mode", 0);
user_pref("security.mixed_content.block_active_content", true);
user_pref("security.mixed_content.upgrade_display_content", true);
user_pref("security.ssl.require_safe_negotiation", true);
user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
user_pref("security.ssl3.dhe_rsa_aes_128_sha", false);
user_pref("security.ssl3.dhe_rsa_aes_256_sha", false);
user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false);
user_pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false);
user_pref("security.ssl3.ecdhe_rsa_aes_128_sha", false);
user_pref("security.ssl3.ecdhe_rsa_aes_256_sha", false);
user_pref("security.ssl3.rsa_aes_128_sha", false);
user_pref("security.ssl3.rsa_aes_256_sha", false);
user_pref("security.ssl3.rsa_des_ede3_sha", false);
user_pref("security.tls.enable_0rtt_data", false);
user_pref("services.settings.server", "[127.0.0.1]");
user_pref("toolkit.datacollection.infoURL", "[127.0.0.1]");
user_pref("toolkit.telemetry.archive.enabled", false);
user_pref("toolkit.telemetry.brhPing.enabled", false);
user_pref("toolkit.telemetry.unified", false);
user_pref("toolkit.telemetry.updatePing.enabled", false);

#hardening #user.js #Thunderbird #Mozilla

- 3 toasts