[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Thunderbird, GMail and Tor - is it safe?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Thunderbird, GMail and Tor - is it safe?
From: Joe Btfsplk <joebtfsplk@xxxxxxx>
Date: Tue, 09 Aug 2011 12:17:52 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 09 Aug 2011 13:17:47 -0400
In-reply-to: <201108091249.25039.cmeclax-sazri@xxxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <4E414C5B.10405@xxxxxxxxx> <201108091249.25039.cmeclax-sazri@xxxxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (Windows NT 6.0; WOW64; rv:5.0) Gecko/20110624 Thunderbird/5.0

On 8/9/2011 11:49 AM, cmeclax-sazri wrote:

On Tuesday 09 August 2011 11:03:55 Phillip wrote:

My question is whether the SSL/TLS connections between my e-mail client
and the GMail server are being made through the Tor network, and whether
using Tor in such a way exposes my otherwise unencrypted e-mail to a
greater risk of being skimmed by, say, a potentially hostile Tor exit node?

My goal is simply to anonymise my IP, which gets leaked gratuitously by
Thunderbird, and to ensure that the e-mail gets to the GMail server as
securely as if I was using the https web mail.

As far as I can tell from the headers, it is working. When you send email
through the web interface, your IP does not appear in the headers. Your
message contains this header:

Received: from [0.0.0.0] (spftor3.privacyfoundation.ch [62.220.135.129])
  by mx.google.com with ESMTPS id r5sm7674eef.36.2011.08.09.08.04.01
  (version=SSLv3 cipher=AES128-SHA);     Tue, 09 Aug 2011 08:04:03 -0700 (PDT)

which shows that your mail was sent through encrypted SMTP from a Tor node.

I have a Gmail account that I created through the web using Tor; it was
immediately flagged as suspect as soon as I finished. How do you use
Thunderbird with Gmail?

You will have to either create an acct while using Tor, or when usingTor to access an existing acct (not sure of the value in that - if theacct wasn't created using Tor), or almost certainly have to use an exitnode in the same country that you created the gmail acct from (byediting your torrc file to use country specific exit nodes). Gmaildoesn't like it when you try to access an acct from an address inanother country than the one they saw / recorded when the acct wascreated. I think they believe it may be a hacking attempt.

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Thunderbird, GMail and Tor - is it safe?
  - From: Phillip
- Re: [tor-talk] Thunderbird, GMail and Tor - is it safe?
  - From: cmeclax-sazri

Prev by Author: Re: [tor-talk] New Tool Keeps Censors in the Dark - mentions Tor.
Next by Author: Re: [tor-talk] New Tool Keeps Censors in the Dark - mentions Tor.
Previous by thread: Re: [tor-talk] Thunderbird, GMail and Tor - is it safe?
Next by thread: Re: [tor-talk] Thunderbird, GMail and Tor - is it safe?
Index(es):
- Author
- Thread