[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: is tor an email mixmaster?

Hi Andrew, you missed one important point, tor-email-button is done in an email client, which is sending openPGP encrypted emails only,
then you have an exit node, sending the packet to the mail server - or not, if the mail has not been delivered, the mail was not going out, so the smtp server sends that notice back.
So everyone who runs tor-email-button in that mail client (we already have one in mind) is able to send the message out or can pop up the mails (which should be encrypted).
Well the question is every node or not is an outproxy is not the question, the question is, if we can architect that for an email client, sending PGP encrypted mails only, then many problems are solved.

On Sun, Nov 9, 2008 at 6:11 PM, <phobos@xxxxxxxxxx> wrote:
On Sun, Nov 09, 2008 at 02:03:53PM +0100, petersonmaxx@xxxxxxxxxxxxxx wrote 3.5K bytes in 68 lines about:
: is it possible to make a kind of tor button, so that all users using a kind
: of email client are a outproxy or hidden service, or must it be hidden
: service?
: so a torbutton with default on smtp relay /exitnode for email?

The challenge is in developing a tor extension for a mail client.  Tor is
still developing torbutton to address the changes and anonymity risks in
firefox 2 and 3.

There once was a torbutton for thunderbird.  I think all it did was
redirect the connections to your mail servers over tor.  There are still
many personally identifing details in the mail itself that need to be
anonymized and cleaned.

And what you seem to be asking is client as a relay by default.  This
topic is discussed on the wiki at