[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: headers in email

Gregory Maxwell wrote:

You could set up a gmail account via tor. Then point a stunnel at
smtp.gmail.com port 465 over Tor using tsocks or something. Making sure
you have a copy of their public cert first and that the stunnel
validates it. I set this up and pointed my MTA (Exim) at it just for a
play at one point. I had to make sure Exim stripped the Received headers
and sent a suitably anonymous EHLO when talking to their service but
otherwise it worked.

It's hard to tell if your SMTP client or stunnel itself send
identifying information. :(

I initially set Exim to freeze the messages in the queue so I could inspect their headers and body, to check for just this. You can then flush an individual message using "exim -v -M message_id" allowing you to watch all communication going back and forth between the two servers.

I never considered that stunnel might send identifying information of some sort though. Hmmm. Does anyone have any experience of using stunnel with tsocks over the Tor network?