Good work on the /e/ os. I installed it on a nexus 4 (agreed it is community supported). I signed into my that the email app. Though I realised it did not ask me for my APP PASSWORD like what a typical AOSP email app. It asked me to sign in using OAuth 2.0 protocol.
A few days later while seeing my “Google account security checkup” showed that last login from “Galaxy J7 Prime”. I was shocked - wondering - if my account had been hacked. I never had such a device.
Later when I check my user agent in “/e/ installed nexus4” it shows Samsung Galaxy J7 Prime SM-G610M.
Please give a warning to user that you spoof the device name. Alternatively, the customer may wonder if installing /e/ has leaked the credentials or /e/ has been hacked or has a backdoor. This is very bad for your brand.