Hello,
I have a question about how EmailToNote works with Joplin Cloud and E2EE.
Is there a place in the documentation which explains the process ?
What I presume :
Somebody sends an email to the specific xxxx@m.jospincloud.com
The mail server receives the non encrypted data and stores it somewhere on the server.
it creates a note somewhere on the cloud server, encrypts it and sends it crypted during the next synchronisation to the desktop which will add it to the local database and resend it to the cloud server in a crypted way.
Am i right ?
When the EmailToNote service receives an email, it creates a note on your Joplin Cloud account which is encrypted at rest just like all your other notes. The plaintext email content is sensitive and likely trashed as soon as the note is created, so that Joplin Cloud no longer has any access to the plaintext content of the email. But you have to understand the trade-off here, Joplin Cloud will have one time access to your email content. If the FBI orders them to spy on you, they will get all your email notes sent after the beginning of the spying. But they will not have access to all the other (non email) notes.
All your encrypted notes are synchronized between Joplin Cloud and your Joplin Desktop app. Your Desktop app has the secret password to decrypt your notes locally. Joplin Cloud never has that password. If the FBI raids Joplin Cloud, they can only get your encrypted notes, but do not have the password to decrypt them.
TLDR: Do not send very sensitive content by email.
Also I'm assuming the FBI cannot raid our server since it's in Paris. But otherwise what _vg said is correct. Although we take great care of our user data, there's a technical limitation here which means that for a moment the data is plaintext on the server, so it's better not to use the feature for highly sensitive data.