[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Why postfix cannot work on tor (was What are some free and private emai providers?)

* on the Wed, Dec 11, 2013 at 02:01:34AM +0100, tor@xxxxxxxxxxxxxxxxxx wrote:

>> Exim or postfix are not so hard to learn and roundcube is pretty
>> easy to install :)
> Postfix does not work with tor.
> There are a few problems:
> - Postfix does not have a SOCKS4a proxy option (in fact, no proxy
>   option)
> - TorDNS cannot handle MX lookups.  So running postfix on a
>   transparent proxy fails because MX lookups fail.
> - Torsocks has a documented feature to disable tordns, but it's
>   broken.
> Does Exim or Roundcube have a way around these problems?

1.) Install Linux
2.) Set up Transparent Proxying as per
3.) Install the "Unbound" caching DNS resolver on the same machine.
    Disable it's UDP support "do-udp: no", so it only does DNS lookups
    over TCP. Then it should be able to do MX lookups over Tor (without
    using Tors built in DNSPort service)

Now any MTA will work over Tor, Exim, Sendmail, Postfix, Qmail. For
bonus points, and completely anonymous email without having to use a
third parties remailer, configure Unbound to forward requests for
".onion" lookups to Tors DNSPort. An MX record of a .onion domain
will fail, but then the MTA will fall back to doing an A record
lookup, and will then connect to the relevant hidden smtp service. If
you want to test that, send an email to:


Obviously, that's not very anonymous as the .onion address contains
a substring of my normal domain, and my real name is included too,
and I've also not configured my SMTP server to obfuscate various
things about my machine that are leaked in the SMTP communication,
Received headers, Message-Id etc. But for testing, it's useful.

Mike Cardwell  https://grepular.com/     http://cardwellit.com/
OpenPGP Key    35BC AF1D 3AA2 1F84 3DC3  B0CF 70A5 F512 0018 461F
XMPP OTR Key   8924 B06A 7917 AAF3 DBB1  BF1B 295C 3C78 3EF1 46B4

Attachment: signature.asc
Description: Digital signature

tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to