[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Update to default exit policy

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Update to default exit policy
From: anonym <anonym@xxxxxxxxxxx>
Date: Wed, 20 Aug 2008 20:04:04 +0200
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Wed, 20 Aug 2008 14:04:39 -0400
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=lavabit; d=lavabit.com; b=xrxyQ0SmsbnqP0L3strN/aTaGVyiCF4+fh1w3C6OiLwIRBYUUzV5IryyYdiQJhG8P92AVcLb53nqQ2M/pLf3zhL5HgXIePGtUfkSbQHb8p3WnbJSMo1w7vRWGIm8DVtj1BVaM7bDlnOafEfX5ZEoFUYHEckdhIC+baodjlbMXbY=; h=Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:References:In-Reply-To:X-Enigmail-Version:OpenPGP:Content-Type:Content-Transfer-Encoding;
In-reply-to: <20080820190416.5wj48qgpc8wc084k@xxxxxxxxxxxxxx>
Openpgp: id=D0E64958; url=http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xD0E64958
References: <48A6DD45.1040509@xxxxxxxxxxxxxx> <48A8438A.3030307@xxxxxx> <48AA905B.6090604@xxxxxxxxxxxxxx> <20080819150332.GA21009@xxxxxxxxxxxxxxxxxxxxxx> <48AAEAEE.6010803@xxxxxxxxxxxxxx> <48ABFC60.70900@xxxxxxxxxxx> <48AC1F33.9000109@xxxxxxxxx> <48AC31AE.1060304@xxxxxxxxxxx> <g8hi6n$klm$1@xxxxxxxxxxxxx> <20080820190416.5wj48qgpc8wc084k@xxxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.16 (X11/20080806)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 20/08/08 19:04, idefix@xxxxxxxxxx wrote:
> Sorry, I didn't get it: in case I'm using Thunderbird and Torbutton, and
> connect to the smtp server trough tor. Will my "real" ip adress occur in
> the mail headers, or the ip of the exit node?
> 
> I'm guessing the ip of the exit node, right? Because if not, it would be
> senseless to use tor? Would be great if someone could clarify this!

Contrary to Sven's reply I claim Thunderbird with Torbutton enabled will
_not_ leak your real IP address in the EHLO/HELO messages. Here's an
experiment proving it:

1. First, let's look at what my mail headers look like when I send mail
without Tor at all, i.e. a direct connection:

	Received: from 192.168.1.2 (nl103-154-119.student.uu.se
	[130.243.154.119])

The "192.168.1.2" address is what was reported in the EHLO/HELO message
to the SMTP server, which is my computers NAT:ed IP address. The long
address within the parenthesis is from which computer the connection to
the SMTP server was made, and in this case it's my firewall/router.

2. The following is what we get when use Thunderbird with Tor, but
without Torbutton:

	Received: from 192.168.1.2 (tor-anonymizer1.dotplex.de
	[87.118.101.102])

So, the connection was made from a Tor exit node (as expected) but the
SMTP server got my real IP address in the HELO/EHLO message. Since I'm
behind a NAT:ed firewall the IP address reported isn't very revealing,
but people whose computers are directly connected to the Internet (i.e.
no firewall/router in the way) would get their _real_ IP address there.

3. Finally, this is what gets into the the mail header for me when
enabling Torbutton:

	Received: from 0.0.0.0 (tor-anonymizer1.dotplex.de
	[87.118.101.102])

As you can see nothing is revealed here and all is good. Torbutton wins!

To see all this for yourselves, compare the mail header of this mail
(which is sent with Torbutton enabled, like experiment 3) and any of my
other emails in this thread (which are sent without Tor or any other
form of anonymization, like experiment 1).

Just to be sure I've confirmed all this with a packet sniffer -- with
Torbutton enabled the EHLO/HELO messages are scrubbed and thus harmless.
To confirm this I guess you'd have to fire up your favourite packet
sniffer and try it out yourselves.

So, yeah, with Torbutton you are definitely safer than without it. The
SMTP server does _not_ get your IP address in the EHLO/HELO message. But
there could be all sorts of other leakages that I don't know of, though,
so I wouldn't put my life on it. That's why I think more research is needed.

But let's stop hijacking this thread now. If there's more interest in
discussing this I suggest starting a new thread for that.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iEYEARECAAYFAkisXJMACgkQp8EswdDmSVic+ACg1r/BRUphZlT/vfObMh8wfpwo
XlkAnj3PY2HGSYRd3qvhScDhif19OOJ7
=jlZ3
-----END PGP SIGNATURE-----

References:
- Update to default exit policy
  - From: Dawney Smith
- Re: Update to default exit policy
  - From: Dominik Schaefer
- Re: Update to default exit policy
  - From: Dawney Smith
- Re: Update to default exit policy
  - From: krishna e bera
- Re: Update to default exit policy
  - From: Dawney Smith
- Re: Update to default exit policy
  - From: anonym
- Re: Update to default exit policy
  - From: 7v5w7go9ub0o
- Re: Update to default exit policy
  - From: anonym
- Re: Update to default exit policy
  - From: 7v5w7go9ub0o
- Re: Update to default exit policy
  - From: idefix

Prev by Author: Re: Update to default exit policy
Next by Author: Re: Paid performance-tor option?
Previous by thread: Re: Update to default exit policy
Next by thread: Re: Update to default exit policy
Index(es):
- Author
- Thread