iMip email should include images as attachments rather than HTML references to URLs on server

[brad2014]

When an invitee email is associated with a calendar invitation, the invitee receives iMip emails as the invitation is made, updated, and canceled.

Unlike most other emails sent by the nextcloud server, the iMip emails do not necessarily go to nextcloud registered users - they can go to anyone. Furthermore, if the nextcloud server is hidden within an organization behind a firewall, these emails can go outside the organization, to users who do not even have access to the server.

We support the ability to suppress accept/decline buttons/links when a nextcloud server is not on the open internet (see issue #12156). However the iMip emails still contain links to images, such as the logo and various embedded graphics decorating the location, time, description of the event.

I propose that these images, which are small, be attached to the iMip email and referenced in HTML as "cid:..." URI's. This has two useful effects:

1. Users who do not have access to the server will see properly formatted HTML emails, complete with images.

2. For users who do have access to the server, URL images may be construed as privacy-breaching beacons, putting entries in the server logs that show when and where messages were read.

The downside is that iMip emails will be somewhat larger, as the images are attached to them.

[brad2014]

@georgehrke, @ChristophWurst I'm going to do this, if it is consistent with your next release goals. Do you have concerns?

[brad2014]

Ugh - it's easy to add inline (data:image/png,base64) image URL's in place of URL's that link back to the server (which in our case is not web accessible), but gmail (and apparently other web mails) doesn't accept them. I suspect the only web email-reader-safe organization of an invitation would be:

• multipart/mixed
  • multipart/alternative
    • text/plain
    • multipart/related
      • text/html
      • image/png (logo - I suspect gmail doesn't accept SVG, but I'll try it.)
      • image/png (icons, maybe could be a single sprite for all of them)
  • text/calendar (ics attachment)

Let me think about it.

[ChristophWurst]

Ugh - it's easy to add inline (data:image/png,base64) image URL's in place of URL's that link back to the server (which in our case is not web accessible), but gmail (and apparently other web mails) doesn't accept them.

yep also recently found out this doesn't quite work nextcloud/mail#2733 (comment)

[brad2014]

Workaround note (for those who google): If you run a nextcloud 19 server behind a firewall (or you want to increase the privacy of email recipients, by not requiring their emails to ping the server), then you may want to disable images and links in emails that require access to the server:

php occ config:settings:set dav invitation_link_recipients --value no
php occ config:system:set mail_send_plaintext_only --value true --type boolean

Of course, the system setting mail_send_plaintext_only affects all emails (including notifications to users, for example, password reset emails), not just calendar invitations to external parties who can't access the server.

[joshtrichards]

Related #13557 (solutions will likely be similar)