I have noticed since watching apache logs on my blog that the emails of Pleroma users are visible. Is that how it should be? Seems like it's a security leak.
Are mastodon emails de facto public too?


To answer your question,
Mastodon are not email default public.(perhaps moderators can see users email.)
As far as I know Pleroma and mastodon are based on different structural.

Sign in to participate in the conversation
Qoto Mastodon

QOTO: Question Others to Teach Ourselves
An inclusive, Academic Freedom, instance
All cultures welcome.
Hate speech and harassment strictly forbidden.