The User-Agent: header can be fun and interesting and useful for
debugging, but it also leaks quite a bit of information about the user
and their software stack.
This represents a potential security risk (attackers can target the
particular stack) and also an anonymity risk (a user trying to
preserve their anonymity by sending mail from a non-associated account
might reveal quite a lot of information if their choice of mail user
agent is exposed).
Users who want to configure `user_agent` to `yes` can still do so, but
it makes sense to have safer defaults.