[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor-only email

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Tor-only email
From: Andy Dixon <andy@xxxxxxxxx>
Date: Thu, 1 May 2008 10:18:17 +0100
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Thu, 01 May 2008 05:18:27 -0400
In-reply-to: <20080501090237.GN4453@xxxxxxxxxxxxxx>
References: <04A2853D-4DAE-4EDB-9BEA-133BC48C5876@xxxxxxxxx> <20080501090237.GN4453@xxxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx


On 1 May 2008, at 10:02, Roger Dingledine wrote:

On Thu, May 01, 2008 at 09:47:50AM +0100, ?Andy Dixon wrote:

If anyone is interested, I need a few people to create an account,
and test the pop3,imap, smtp (internal only) and webmail.


Hi Andy,

A word of warning: pop3 and imap tend to communicate authentication
information in plaintext. Sending protocols like those over the open

Internet (whether using Tor or not) is generally a very risky thingto do.

Sending them over Tor may be even riskier.

(There are safe ways to do it, e.g. by making sure that your Torclients

use a hidden service to transport their plaintext protocols, or making
sure they always exit from a relay that's on the same local network as
the destination. But you need to think carefully about these issues in
any case.)

--Roger


Hi Roger,

The services are only configured as hidden Tor services at themoment, however I am thinking about going SSL so that email can beaccessed from a 'normal' connection..

I'm sue that most people, if they wanted such a service, wouldprobably prefer to use a web-based mail service purely for convenience..


Andy

References:
- Tor-only email
  - From: Andy Dixon
- Re: Tor-only email
  - From: Roger Dingledine

Prev by Author: Tor-only email
Next by Author: Re: Tor-only email
Previous by thread: Re: Tor-only email
Next by thread: Re: Tor-only email
Index(es):
- Author
- Thread