
Re: [tor-talk] Thunderbird, GMail and Tor - is it safe?



On 8/9/2011 10:03 AM, Phillip wrote:
Hi,

My question is about the safety of using Thunderbird to send e-mail
through Tor.

A little background: I run a moderate capacity (~500-600 kb/s) Tor
relay. I've configured my Thunderbird client to use the Tor network, as
well as to not leak DNS resolves, and I've verified through test e-mails
that they are being sent to the GMail server through a Tor exit node. My
accounts are configured to use SSL/TLS for both IMAP and SMTP.

I understand that once e-mail leaves the GMail servers, it's about as
secure as sending an open post card.

My question is whether the SSL/TLS connections between my e-mail client
and the GMail server are being made through the Tor network, and whether
using Tor in such a way exposes my otherwise unencrypted e-mail to a
greater risk of being skimmed by, say, a potentially hostile Tor exit node?

My goal is simply to anonymise my IP, which gets leaked gratuitously by
Thunderbird, and to ensure that the e-mail gets to the GMail server as
securely as if I was using the https web mail.

Thanks in advance for any assistance!

Cheers,

Phillip

As I understand it, just sending unencrypted mail to an email provider thru Tor, only masks your true IP address. This assumes you've set up an acct w/ provider, WHILE USING TOR. Once it hits (Gmail & many others') servers, they're going to scan unencrypted mail, as well as mail sent to you. If your received mail is unencrypted, providers will scan that.

You can use HTTPS connection & Tor to Gmail, which will hide your IP, provide protection *between you & Gmail*, but if unencrypted, won't keep them from scanning it.

Yes, I believe an exit node could scan unencrypted mail. I'm not sure about when you use SSL between you & final destination. Others can chime in (please correct any mistakes here). Generally, it's not suggested to send sensitive, unencrypted info thru Tor when using plain HTTP connection w/ a site.

One solution for you might be to use the popular "Enigmail" Tbird addon (from AMO's site) to encrypt mail. You can read up on it at AMO & Enigmail's home page - what's involved for you & recipients of your mail. It's not that difficult.
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk