[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: what about SMTPS over Tor?

To: or-talk@xxxxxxxxxxxxx
Subject: Re: what about SMTPS over Tor?
From: anonym <anonym@xxxxxxxxxxx>
Date: Wed, 02 Jan 2008 19:27:16 +0100
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Wed, 02 Jan 2008 13:27:27 -0500
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=lavabit; d=lavabit.com; b=afS9o//O+1BNDfOhi2jRe/iXarB/8FpMNksDQeKOWJSN3A8Mje07W4VS1eUNyPtujYpoR0HKwIxUsM8Yzk8Grsv5c+FutLwytdkrvKprFkhyB3VsYjYeXeZC9EYdI+OoDoJXvSbLsUMgvmnOjbNM6RkjxXY2C1BLdMM6Ygs9zMo=; h=Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:References:In-Reply-To:X-Enigmail-Version:OpenPGP:Content-Type:Content-Transfer-Encoding;
In-reply-to: <6ce4a9360801020016i7f106848v5e5b9c55adadfdf@xxxxxxxxxxxxxx>
Openpgp: id=D0E64958; url=http://keyserv.nic-se.se:11371/pks/lookup?op=get&search=0xA7C12CC1D0E64958
References: <47712D33.3010806@xxxxxxxxxxx> <6ce4a9360801020016i7f106848v5e5b9c55adadfdf@xxxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.6 (X11/20071022)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/01/08 09:16, anon ymous wrote:
> 
> On 12/25/07, anonym <anonym@xxxxxxxxxxx> wrote:
>> So I'm investigating the possibility of using SMTPS (i.e. SMTP over SSL)
>> on Thunderbird with Torbutton. In fact, this email should have been sent
>> over Tor. But as we know, there are several issues with using a mail
>> client and SMTP with Tor.
> 
> One way to go would be to offer your SMTPS-server as a hidden service
> and publish it's .onion-name to your users.
> That works around any exit-policy-issues.

Yes, there are some interesting things with this, and i2p already has a
nice service for this with some cool features (e.g. hash cash for
sending more than a set daily threshold of messages to precent spam).
But I'm more interested in smtp on the "open" Internet currently as I
don't want to push too many new concepts on the people I try to help,
_and_ I need a solution fast (+ I don't have any resources for putting
up the required setup for a hidden service email).

I would like that smtps got a similar status with Tor as http(s) has.
IMHO the issues with http(s) (e.g. javascript, cookies) seem to be far
worse than smtp unless I've missed something, so I don't understand
while it's not focused on more. At least until all the issues with
anonymous remailers have been sorted out (like that you can't reply to
messages).

>> Standard SMTP seems to be completely blocked. BTW, is it possible to do
>> queries over all exit nodes to see which of them that allow certain
>> services?
> 
> Yes, there is a dns-service that you can use to query if
> a given ip is an exit-node and allowes connection to a given port(+ip).
> (Not perfect yet.)

Yes, but I want to query over _all_ servers. Or rather, what I'm really
interested in is statistics over exit policies. How is the Tor client
determining which exit nodes it can choose from?

>> * The mail header might contain identifying information
>> - From my experiments, I've seen fields like User-Agent, x-mozilla-status,
>>  x-enigmail-version and openpgp (key ID and key URL) which are not
> 
> Your smtp-server can send mails through scripts and thus remove/rewrite
> these lines. This can also be done on a local sendmail that the client uses
> (thus no need to trust the server) instead.
> Rewriting all the ".onion" in the headers also helps with servers that
> check these
> to be valid dns-names.
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHe9d/p8EswdDmSVgRAlugAJ9BFy2ccF0NkNTpgXyiSIx2Nd1b7wCg2ND3
yilgEoDhRdyuEo/8438eG4A=
=NZst
-----END PGP SIGNATURE-----

Follow-Ups:
- Re: what about SMTPS over Tor?
  - From: Martin Fick

References:
- Re: what about SMTPS over Tor?
  - From: anon ymous

Prev by Author: Re: What to do at IP number change?
Next by Author: Re: what about SMTPS over Tor?
Previous by thread: Re: what about SMTPS over Tor?
Next by thread: Re: what about SMTPS over Tor?
Index(es):
- Author
- Thread