[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: what about SMTPS over Tor?
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: what about SMTPS over Tor?
- From: "anon ymous" <a.y.main.contact@xxxxxxxxxxxxxx>
- Date: Wed, 2 Jan 2008 09:16:45 +0100
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Wed, 02 Jan 2008 03:16:54 -0500
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=abJLr41hkSVEM4wyBsyOPh2JU5wE2rzYugGV0jPkjIE=; b=PczMVytd4hrqJEmGd1BDHMlfeILdk8czFWsdBQpHtltY/L87V3N5O6OhMkp1ALRQa1E1rGIfIF0oFWsqT84faxdz6D5N2nBQd9ZLMdDsJimkDAVRNPE09p/KEBHlngBZYpbDEBjdIFIW4Kib2zwNaFGpJ374u1a/hsfiuKxumg0=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=L2oyCHUzZAqbjP3V4wqcjQr3trJ3pr7Ag7SuhneBA95RiMGu7Or9o1WhxH0q6SX1QfyU6VVgl4EMdhkkYPOnlNflDo7mj+AVQil/3VYWCI6UG7+92V7Gmgn1/tNKLMn9UJD7AfEaEOmFHA8n0DEP4bIE4Hp6+tbt5opUCIAqa00=
- In-reply-to: <47712D33.3010806@xxxxxxxxxxx>
- References: <47712D33.3010806@xxxxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 12/25/07, anonym <anonym@xxxxxxxxxxx> wrote:
> So I'm investigating the possibility of using SMTPS (i.e. SMTP over SSL)
> on Thunderbird with Torbutton. In fact, this email should have been sent
> over Tor. But as we know, there are several issues with using a mail
> client and SMTP with Tor.
One way to go would be to offer your SMTPS-server as a hidden service
and publish it's .onion-name to your users.
That works around any exit-policy-issues.
> Standard SMTP seems to be completely blocked. BTW, is it possible to do
> queries over all exit nodes to see which of them that allow certain
> services?
Yes, there is a dns-service that you can use to query if
a given ip is an exit-node and allowes connection to a given port(+ip).
(Not perfect yet.)
> * The mail header might contain identifying information
> - From my experiments, I've seen fields like User-Agent, x-mozilla-status,
> x-enigmail-version and openpgp (key ID and key URL) which are not
Your smtp-server can send mails through scripts and thus remove/rewrite
these lines. This can also be done on a local sendmail that the client uses
(thus no need to trust the server) instead.
Rewriting all the ".onion" in the headers also helps with servers that
check these
to be valid dns-names.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: http://firegpg.tuxfamily.org
iD8DBQFHe0g2LAZ+Vq4hPgARAgbZAKDXTU3smQjqc5SBHUymqbNTFf/vmwCg5GhG
ksYZvXbZmJdWIl7BafdJmg0=
=dkFQ
-----END PGP SIGNATURE-----