I just started my de-googling journey recently, and so the mechanics of notifications were still unclear to me, and I found this video super helpful.
It explains how most mobile messaging apps (including privacy-focused ones like Signal) rely on Google and Apple’s centralized servers to deliver push notifications, which exposes vast amounts of user metadata.
Here’s the YT link, for people who prefer it: https://youtu.be/c3ennD3wKn0



This is the reason why I went out of my way to use Molly (a fork of Signal), since it supports delivering the push notifications through a self-hosted server instead. Unfortunately the process is complex: it requires both a method to deliver the notifications to your phone via UnifiedPush (an alternative to Google’s push system that generally suffices on its own) and a compatibility service called MollySocket (that bridges Signal’s notifications with the UnifiedPush provider). Both typically need a self-hosted server and specific configuration to talk to each other though. And I don’t even have any contacts that use Signal anymore, so, well…!