From 3e240fe34dcce796b2b9b5da77f7bf1cfa479d57 Mon Sep 17 00:00:00 2001 From: Max Dor Date: Fri, 1 Feb 2019 15:41:44 +0100 Subject: [PATCH] Improve fraudulent unbind notification --- .../threepids/email/unbind-fraudulent.eml | 30 ++++++++++++------- 1 file changed, 20 insertions(+), 10 deletions(-) diff --git a/src/main/resources/threepids/email/unbind-fraudulent.eml b/src/main/resources/threepids/email/unbind-fraudulent.eml index 3f15af6..bd94597 100644 --- a/src/main/resources/threepids/email/unbind-fraudulent.eml +++ b/src/main/resources/threepids/email/unbind-fraudulent.eml 
@@ -23,24 +23,31 @@ If you do not understand this email, please forward it to your System administra As the system administrator: -If you are using synapse as a Homeserver, this is a known issue and abuse of separation of concerns. As a privacy-centric -product and given that it is not possible to remove 3PIDs using mxisd as those only exists in your Identity stores, the -request was actively blocked. +If you are using synapse as a Homeserver, this is a known issue related to MSC1194 [1] and abuse of separation of concerns. +As a privacy-centric product and to protect your privacy, the request was actively blocked. We have written a more detailed +explanation on our Privacy wiki page [2] (Direct link [3]) so you can fully grasp the impact for you and your users. -We have open an issue on the synapse repos to reflect the related privacy concerns and GDPR violation(s) and would +We have open an issue [4] on the synapse repos to reflect the related privacy concerns and GDPR violation(s) and would appreciate if you could comment on it or simply adds a thumbs up so the concerns are finally dealt with by the synapse dev team. -Issue: https://github.com/matrix-org/synapse/issues/4540 If you are using another Homeserver or this came following no action from your own users, then you have been the target of an unbind attack from a rogue entity which was blocked. You may want to check your logs to see the exact source of the attack and take relevant actions following your policy. -If you would like to disable these notifications, please see the 3PID sessions configuration documentation. +If you would like to disable these notifications, please see the 3PID sessions configuration documentation [5]. 
Thanks, %DOMAIN_PRETTY% Admins +--- + +[1] https://github.com/matrix-org/matrix-doc/issues/1194 +[2] https://github.com/kamax-matrix/mxisd/wiki/mxisd-and-your-privacy +[3] https://github.com/kamax-matrix/mxisd/wiki/mxisd-and-your-privacy#msc1194-synapse-and-impacts-on-your-privacy +[4] https://github.com/matrix-org/synapse/issues/4540 +[5] https://github.com/kamax-matrix/mxisd/blob/master/docs/threepids/session/session.md#configuration + --7REaIwWQCioQ6NaBlAQlg8ztbUQj6PKJ Content-Type: multipart/related; boundary="M3yzHl5YZehm9v4bAM8sKEdcOoVnRnKR"; @@ -97,9 +104,11 @@ If you are the system administrator of the Matrix installation, read the second

As the system administrator:

-

If you are using synapse as a Homeserver, this is a known issue and abuse of separation of concerns. As a privacy-centric - product and given that it is not possible to remove 3PIDs using mxisd as those only exists in your Identity stores, the - request was actively blocked.

+

If you are using synapse as a Homeserver, this is a known issue related to MSC1194 + and abuse of separation of concerns. As a privacy-centric product and to protect your privacy, the request was actively + blocked. We have written a more detailed explanation on our Privacy wiki page + (Direct link to section) + so you can fully grasp the impact for you and your users.

We have open an issue on the synapse repos to reflect the related privacy concerns and GDPR violation(s) and would appreciate if you could comment on it or simply adds a thumbs up so the concerns are finally dealt with by the synapse dev team.
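Review bot: the added paragraph in the HTML alternative labels the second wiki link "Direct link to section", while the plain-text part of this same patch says "Direct link [3]". Use one wording in both parts so the two alternatives stay in sync. The added sentence also reads "As a privacy-centric product and to protect your privacy", which repeats itself; "To protect your privacy, the request was actively blocked" says the same. The unchanged context just below ("We have open an issue on the synapse repos ... simply adds a thumbs up") is not touched here, although the plain-text part now attaches reference [4] to that sentence and drops the separate "Issue:" line. Please confirm the HTML sentence still carries the link to the synapse issue, and fix the grammar ("have opened", "add") in both parts together.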
@@ -109,7 +118,8 @@ If you are the system administrator of the Matrix installation, read the second of an unbind attack from a rogue entity which was blocked. You may want to check your logs to see the exact source of the attack and take relevant actions following your policy.

-

If you would like to disable these notifications, please see the 3PID sessions configuration documentation.

+

If you would like to disable these notifications, please see the +3PID sessions configuration documentation.

Thanks,
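Review bot: reference [5] in the footnote list added by the first hunk (plain-text part, after the "%DOMAIN_PRETTY% Admins" signature) points at blob/master/docs/threepids/session/session.md#configuration. That target changes or breaks whenever the file or heading moves on master, while this template ships inside a release. Suggest linking to the doc at a release tag instead. In the same hunk, the touched line still reads "We have open an issue [4]" and the sentence continues "or simply adds a thumbs up"; since the line is being changed anyway, correct it to "We have opened an issue" and "add a thumbs up". The rewrite also removes the stated reason for the block (3PIDs only exist in the Identity stores and cannot be removed using mxisd) and defers entirely to the wiki links. Keeping a one-sentence reason in the mail itself would help an administrator who reads it without network access to GitHub.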