Configuring and securing AquaMail

AquaMail Advantages

  1. Search capability in settings.

AquaMail Disadvantages

  1. Have NO own accounts credentials manage and сonsequently credentials data manage / encryption - Android accounts functionality used.

  2. Have NO in-app mail data / and accounts credentials encryption.

  3. Have no own SMTP / POP3 implementation - app rely on Android accounts sync functionality.

  4. By adding account to this app you actually adds account to the Android Accounts list.
    Some great security concern about it:
    All added accounts also get this phone (device) as trusted in it's Google's account settings.
    From the moment you add Google accounts you will receive Android push security notifications for all added accounts where you can confirm account logging-in since your phone is trusted and permanently connected to Google for all added accounts, so your stolen phone can be used to compromise all added Google accounts.
    Full phone encryption with PIN - highly advised.
    Adding only non-security sensitive account is suggested.
    Adding only accounts that already used in Google Play is recommended.

  5. If you removes particular account from the Android Accounts list - this account also will be removed from Aqua Mail.

  6. Analytics / Crashlytics inside the app.

  7. PGP NOT supported.

  8. App costs too much to buy.
To remove Direct and Indirect telemetry
Settings -> Composing and sending -> Send Usser-Agent -> turn OFF.
Settings -> About -> Send usage statistics -> turn OFF.

Recommended settings

Better to use
Settings -> Smart Folder -> Send messages -> turn ON.
Settings -> Account list -> Expand accounts -> set None.
Settings -> Account list -> Combined drafts -> turn ON.
Settings -> Look and feel -> Hide the account list screen -> turn OFF (to enable it).
Settings -> Message view -> Open web links in Aqua Mail -> turn OFF.
Settings -> Message view -> Hide quoted text -> turn OFF.
Settings -> Message view -> Fast scroll -> turn OFF.
Settings -> Message list -> Select "All" means -> change 'Visible messages' to 'Loaded mesages'.
Settings -> Conversations -> Break on subject change -> turn OFF.
Settings -> Mail, receiving -> Messages to sync -> change 50 to 5000.
Settings -> Mail, receiving -> Messages to cache -> change 250 to 10000.

Settings -> Search -> Max. number of results -> change '500 messages' to '1000 messages'.
Settings -> Data storage -> Folder for caching attachments -> change 'In built-in large memory' to 'On the memory card'.
Settings -> Message notifications -> Notify about -> change 'All unread messages' to 'New unread messages'.

#For WiFi Settings + Mobile Data Settings
Settings -> Network -> Load when checking mail -> change 'Up to 10 KB' to 'No limit' (increase storage usage).
Settings -> Network -> Load when viewing a message -> change 'Up to 25 KB' to 'No limit'.

Suggestions

  1. It is better to re-build app without analytics / crashlytics.

  2. Use only account that already added to Google Play.