Re: [tor-talk] Secure email with limited usable metadata
Sounds like for Germany and like countries/laws such servers should be limited to no more than 10k users each to prevent that invasion.
________________________________
From: Moritz Bartl <moritz@xxxxxxxxxxxxxx>
To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sent: Monday, July 1, 2013 10:41 AM
Subject: Re: [tor-talk] Secure email with limited usable metadata
Hi,
Thank you for raising this topic once again. Toying with the idea of
"better" email for quite some time, I think there's direct and practical
things you can offer,
> i was thinking about pointing the mx record of the tld to a mail
> server that is shared with other individuals. the server
> is configured to drop incoming non-tls smtp connection from other
> mail server. On a per account basis, every message that is not
> encrypted to the public pgp key of the address is dropped, too.
> users use pop3/smtp over a hidden server to download/send messages.
See https://github.com/moba/pgpmilter for a small prototype script that
rejects non-PGP mail. Exim seems to have the configuration option for
that somewhat built-in.
I'd go further and forward mail from the mx to hidden services
configurable by the user.
> if inbox size is limited to a few mbs
I'd maybe want to limit the amount of email a user can *send* in a given
time span.
> any cheap vps
I would not want to use VPS for a service like this.
> a trusted umbrella organization is needed
Working on something like it.
> is the tor project or torservers.net interested in running
> such a service?
Torservers.net is currently a project under a German non-profit. In
Germany, every email provider with more than 10k users has to provide
lawful interception.
See
https://www.bundesnetzagentur.de/SharedDocs/Downloads/EN/BNetzA/Areas/Telecommunications/TechTelecomsRegulation/TechImplementIntercepts/02EUenTRTKUEV62August2012pdf.pdf
I'd like to see a full design for it first, and then the components, and
the configuration for each component, so this is easy to set up and
replicate by anyone. For example, how do I configure Postfix to relay
certain incoming mail to a configured hidden service, how do I make it
so it only rejects non-PGP mail for some accounts, etc.
--
Moritz Bartl
https://www.torservers.net/
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
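The per-account "reject non-PGP mail" policy discussed in this thread, as an added example that is not part of the original messages and is not the pgpmilter code. The opted-in address set, the function names and the sample messages are assumptions constructed for illustration; the check is structural (PGP/MIME per RFC 3156, or a body that is a single armored block) and does not verify which key the data is encrypted to.

```python
from email import message_from_string

PGP_ONLY = {"alice@example.org"}   # hypothetical accounts that opted in
BEGIN, END = "-----BEGIN PGP MESSAGE-----", "-----END PGP MESSAGE-----"

def is_pgp_encrypted(raw: str) -> bool:
    """Structural check only; does not verify the recipient key."""
    msg = message_from_string(raw)
    if msg.get_content_type() == "multipart/encrypted":      # PGP/MIME, RFC 3156
        return str(msg.get_param("protocol", "")).lower() == "application/pgp-encrypted"
    if msg.is_multipart():
        return False
    body = (msg.get_payload(decode=True) or b"").decode("utf-8", "replace").strip()
    # Inline PGP: the whole body must be one armored block, so cleartext
    # wrapped around an armored block does not pass.
    return body.startswith(BEGIN) and body.endswith(END) and body.count(BEGIN) == 1

def decide(rcpt: str, raw: str) -> str:
    """Return 'accept' or 'reject' for one recipient of one message."""
    if rcpt.lower() not in PGP_ONLY:
        return "accept"            # account did not opt in to PGP-only delivery
    return "accept" if is_pgp_encrypted(raw) else "reject"

# Constructed sample messages (armor bodies are placeholders, not real ciphertext).
HDR = "From: bob@example.net\nTo: alice@example.org\nSubject: test\n"
ARMOR = BEGIN + "\n\nplaceholder\n" + END + "\n"
PGP_MIME = (HDR + 'Content-Type: multipart/encrypted; '
            'protocol="application/pgp-encrypted"; boundary="b1"\n\n'
            "--b1\nContent-Type: application/pgp-encrypted\n\nVersion: 1\n"
            "--b1\nContent-Type: application/octet-stream\n\n" + ARMOR + "--b1--\n")
INLINE = HDR + "\n" + ARMOR
PLAIN = HDR + "\nHello in cleartext\n"
MIXED = HDR + "\nHello in cleartext\n" + ARMOR

if __name__ == "__main__":
    for name, raw in [("pgp-mime", PGP_MIME), ("inline", INLINE),
                      ("plain", PLAIN), ("mixed", MIXED)]:
        print(name, decide("alice@example.org", raw))
```
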