I know Rob has mentioned in a live stream on rumble:
That the best way to use Gmail if you must is in a browser only used for that purpose and nothing else. And sadly I have a gmail account I can’t dump at the moment and I need to check the data stored in it in low to zero connectivity areas, therefore Thunderbird would be a better option as it can hold the mail for searching etc even if offline.
So my question is if I clear the cookies on the browser after setting up Thunderbird with Gmail and set it to only fetch when I ask (no auto fetch/download), would that be close to using a separate browser? As I understand it thunderbird is for privacy and they only have the token that allows to access Gmail, and it doesn’t access anything else.
Or am I wrong and Google can use that token/ID in Thunderbird to do everything and track in other apps as well? Or at least spy on other accounts in Thunderbird? Although I would think if that were the case it would have been talked about before now.
This advice is sound because it isolates cookies, local storage, and login state from your normal browsing.
However, using Thunderbird with OAuth achieves almost the same isolation, because Thunderbird does not share browser storage, cookies, or session state with your main browser at all.
Yes. After OAuth setup:
The browser is no longer involved
Thunderbird uses its own stored OAuth token
Clearing cookies removes Google’s ability to link future browsing to that Gmail login
From Google’s perspective, this is functionally equivalent to a separate browser profile used once and then discarded.
This understanding is correct.
The OAuth token:
Is scoped to Gmail (IMAP/SMTP)
Does not grant access to other Google services
Does not expose system, app, or browser data
Cannot be reused outside of mail access
Thunderbird does not embed Google services or trackers.
You are not wrong.
Google cannot:
Use the token to identify you in other apps
Correlate it with non-Google software
Track system-wide activity
OAuth tokens are service-specific.
That shouldn’t be the case. Best to ask thunderbird devs what isolation is there between accounts.
Thank you for confiming my understanding of OAuth tokens and using Thunderbird has almost the same isolation (after clearing browser cookies) as using a partcular browser for google only tasks.
I will check up on the isolation between accounts in Thunderbird, but I seem to recall reading about this elsewhere they were. Thanks again.