Yes and you can use rsync instead of Dropbox ($10B)
People are willing to pay for convenience. Your mutt isn’t going to automatically find all large attachment, downsize them or handle inline images, but you didn’t read the article so you wouldn’t know that.
What an unnecessarily combative response. The person never claimed that this service has no value; that’s a strawman you constructed. They’re just helpfully pointing out another (free!) way of accomplishing the same thing for those who might want it.
Doesn't this show the complete opposite of what you intended?
Removing attachments is a standard feature of just about any email client, even extremely barebones/cli ones. That was the point. Yet, Gmail is lacks this convenience. Are you seriously arguing that none wants Gmail?
Yes, for any attachment/mime-section ("inline" is just a flag of "Content-Disposition" header in corresponding mime section).
No, across many emails, at least not without writing some macros.
Sort-of, labeling deleted attachment. You can attach a label to whole email, or edit raw, to edit/replace an attachment with placeholder/label text. A bit fiddly, but doable with some vim-fu.
I've just tried doing this with Mutt. It's quite awkward, but (after fidling with the interface) it did create a new email with an empty attachment, i.e. the attachment is still there, but it has zero bytes. Also, the original email remained within Gmail. So, it seems that Mutt doesn't work well with Gmail for this use case. (Disclaimer: I am the author of the web app Unattach.)
That's a "feature" of gmail's IMAP server that is easy to confuse for a client bug - see pugio's comment about having exact same problem when using Thunderbird.
Gmail knows nothing about folders (where given email is in exactly one of those), instead using "labels" (which an email can have zero or more of). Problematic "feature" here is that their IMAP interface exposes labels as folders. So, if client asks server to delete message from given folder, instead gmail removes label with that name (then adds "Archive" label, to confuse thing just that little bit more)
Luckily, there is an obscure "When a message is marked as deleted and expunged from the last visible IMAP folder" option to rectify this intentional defect.
The business model of Unattach seems problematic though. Folks with storage issues are the ones who will not want to pay to increase storage for their Google account (not judging) but they would pay for a service to delete attachments?
Yes. While this service is cheaper than the upgrade, it is in a narrow space if they are competing on price. And with the files unattached you now have a convenience issue.
Hi LightG, author of Unattach here. I'm happy to hear that you're considering using the app.
Regarding scale, practically all of the work is done within the user's browser; the server is used only for downloading the app, auth, admin and metrics.
>You missed the world of file hosting services connected to the world of piracy.
Honestly, I think this is just very different markets. With piracy (esp. of movies), you simply get a better product than if you don't use piracy: you can get stuff outside your market, you can get subtitles you don't get with your normal streaming service, you don't need to subscribe to 12 different services at once, you don't have to worry about not being able to watch a movie because your internet connection is down, you don't have to watch a bunch of ads, etc. Piracy isn't just about saving money.
Most of your points are also about price. You could subscribe to all of them and also buy all the stuff even from outside market if you had money. I bet that’s still more convenient than hoping to find your whole series in decent quality right now.
> ut not being able to watch a movie because your internet connection is down
Some services allow you to download movies beforehand just like you would have to do with pirated movies.
>You could subscribe to all of them and also buy all the stuff even from outside market if you had money.
No, if you're not in the right region, a lot of stuff is simply unavailable to you at any price, or it's not available in your language. For instance, if you're in America, even if something is available, it's been converted into English so you can't watch it in the original language.
It doesn't matter how much money you have, unless you're talking about flying a private jet to that region which is just ridiculous.
Some users will think of it as a one-time fee, rather than annual. Or "once every few years". Also, free plan is sufficient to remove costliest large attachments.
I had no idea there was an API to modify the content of existing e-mails.
Sorry if this is a dumb question, but doesn't this open up the ability alter e-mail history at will? And so alter e-mails you'd received and/or sent?
Is there a record of this somewhere? What effect does this have on using e-mails as evidence in court cases, for example? Or is there a technical detail that necessarily gives this away?
> doesn't this open up the ability alter e-mail history at will?
Yes. It should invalidate the DKIM signature though, which mainstream servers add to each email now. So it's possible to prove the contents of that email haven't been tampered with... assuming you have a record of the sending domain's public DKIM key. I imagine your email provider would have logs indicating you modified an email too, but I have no evidence of this, nor how eagerly they would dig up such logs for a court if they have any.
I have no idea how people deal with this in practice in court. (What if the domain's DKIM key has changed? Is there an authoritative source of old DKIM keys for most domains?)
I highly suspect that, in the vast majority of legal proceedings (all but the most high-budget high-stakes ones), all involved simple assume that all the (PDF exports of / hard-copy print-outs of) emails in the case files are genuine. I doubt that the possibility of email tampering even occurs to them.
And, in the minority of cases where it really matters, and where they really suspect foul play, them I'd assume that they rely on numerous bits of technical evidence (proxy copies, CC'ed copies, file system forensics), plus on one person's testimony vs another's, because as you say, DKIM's usefulness is limited.
Isn't that the part of the trial where a lawyer asks a witness or defendant or whoever "Did you on the date X write an email saying "blah"? And the person says yes. That avoids assumptions since no-body challenges it.
Emails are just text files including the headers, contents and encoded attachments. Unless they are digitally signed (usually not the case) it's trivial to edit.
A warning about Thunderbird: It sometimes deletes the entire email rather than just the attachment. It happens with both IMAP and with mail on your local disk. I'm on Linux with a vanilla install with no add-ons or extensions and I've seen this bug in recent versions and going back 5-7 years. There's at least one bug report filed and I think I also filed a bug report. Maybe it has something to do with my configuration because I would've thought many people would have seen it by now. I avoid deleting attachments unless I think the email itself is unimportant and don't care if it also gets deleted.
Yes, you can remove attachments with Thunderbird, but it requires a lot of configuration and it is highly error-prone. Disclaimer: I'm the author of Unattach.
I never had to configure anything for Thunderbird to successfully erase attachments... it has some annoyances (like the fact that the original message is still there marked as deleted, and temporary mispositioning of messages in threads, when using thread view), but works fine without any special configuration.
I tried to use Thunderbird for this for a while, but there's a weird bug where it creates copies of emails that have the deleted attachments. You then have to delete those copies to fully delete everything.
Switch to the featured app here and everything worked seamlessly. Definitely worth it, as this way I don't have to pay for Google storage and can clean out a bunch of pure junk from my emails.
> Nice app. I'm forever running out of Google One storage and didn't realise this was possible.
Thanks! If you give it a try, I'd be interested to hear your feedback.
> 'Fortunately, I've created a web app called Unattach that solves this use case.'
I actually had this exact phrasing in the draft version of the blog post, but was advised by some against using it, because "it's standard practice not to include attribution on these types of blog posts." I've now added it back.
> Also, please consider left aligning your text as dyslexic people struggle with justified copy.
Ah, I wasn't aware of this. Just changed the whole blog post to left aligned.
Yes, Gmail API does not support this out of the box. However, you can download the raw email, update it locally, upload the modified copy, and then delete the original. This is how the web app (Unattach) described in the blog post does it. Disclaimer: I am the author.
This is something that a decent email client should do for you automatically.
I hate to say this but Outlook actually works best for me for keeping my email account to a sensible size. I use a simple VB script that I trigger with a keyboard shortcut which strips all attachments from a mail but adds the filenames of the attachments stripped at the top of the mail ("Attachment(s) removed: <file1>, <file2>, ..."). Very useful to keeping track of what was actually sent.
The other things that Outlook does really well is converting pesky HTML mails to plain text. I don't mean to just display them as plain text, but actually convert them to plain text, scrubbing all that superfluous HTML nonsense. Just open a mail, edit, format as plain text, save. I would love to find another (FLOSS) client that can do this as easily/efficiently.
I keep all old mails (that are not spam or otherwise superfluous) in a folder in my account (not Gmail, but the same principle) and can always quickly refer back to them. 100,000s of mails over 18 years barely make a dent in my allowance -- just about a GB out of 10 GB. At that rate, I won't run out of space with this workflow before I kick the bucket.
> From a technical point of view, the app deletes the attachment by inserting a new email (the one without the attachment) into your Gmail, and then deleting the original email (the one with the attachments).
I hope there is a big warning when using the app, because this makes these emails (maybe even the whole conversation chain?) wortheless should they be needed as some kind of legal evidence.
IMAP is really kinda a object store, where the objects are emails. Modify emails stored remotely is already extremely trivial.
DKIM and ARC make this a bit more secure, but they are the only way to validate an email is authentic.
DKIM key rotation with providers like AWS SES and others, after a period of time it is impossible to validate old emails as authentic. For SES it takes only 9 months for that to happen.
I assumed historical DKIM public keys were easy to find on the web, but that doesn't seem to be the case. This is weird because they are very little data and don't rotate every year, so archiving every key from Google, Amazon, etc would be easy.
Of course you would need multiple trusted sources for the key to have confidence that the mail is legit.
The app will soon support the ability to back up the whole original email (in .eml format) before any changes are made, should the originals be needed for whatever reason.
If it keeps the original email then the DKIM signature from the sending domain will still be intact. As people have pointed out, it might be necessary to keep a copy of the public keys of all the senders in order to perform that validation.
Frustratingly, Exchange breaks this possibility immediately, because it decomposes the email into components. It does preserve and validate some fancier signature schemes, but those are rarely used and have their own problems.
I have a script to auto-delete all attachments in emails more than one month old. I think it is the only sane way to keep emails around for long-term: There is no point to keep something unsearchable and greatly bloat up your mailbox.
What do they mean by this word "has been verified by Google"? Say If I have the app that involve third-party and verifying badge provided by the same third-party is life changing.
The web app needs write permissions to the user’s Gmail account. In such cases, Google requires the author to explain how the permissions are used, submit a video showing this, and ideally to have a reference from someone working at Google.
I always thought emails were immutable. I need to still believe that’s true.
Also I might be wrong but one major issue I’m having is the lack of deduplication. I sent a video once and then we talked about it for a few hundred emails and all of a sudden I had used up gigabytes of my google cloud storage.
They are, but nothing prevents you from deleting old email and creating a new one with all the same attributes, but without attachments. And that's exactly what happens, according to the quote from the page:
> we can see the message “1 deleted message in this conversation. View message or delete forever.” at the bottom. By default, Unattach puts the original email (the one with attachments) into Gmail’s Bin.
The verification badge appears to be misleading. As far as I'm aware having a public OAuth App isn't an official verification by Google and I'm surprised you haven't run into legal issues yet.
I saw it, but that still would not give you permission to create a badge stating your app is verified by Google. Do what you want but don't be surprised if you end up with legal repercussions at some point.
Works with gmail, too - assuming you've jumped through the necessary hoops to enable full read-write IMAP access to your account.
Edit: Hoops are:
- Gmail Settings > Enable IMAP
- Gmail Settings > Auto-Expunge: off
- Gmail Settings > When a message is marked as deleted and expunged from the last visible IMAP folder: Immediately delete the message forever
- Gmail Settings > Folder size limits: Do not limit
- Account Settings > Secutiry > Signing in > App password > (create one)