[tor-bugs] #12821 [TorBirdy]: using torbirdy + thunderbird: domains emailing with dmarc

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Aug 11 11:05:06 UTC 2014


#12821: using torbirdy + thunderbird: domains emailing with dmarc
-------------------------+-------------------------------------------------
     Reporter:           |      Owner:  ioerror
  cypherpunks            |     Status:  new
         Type:  project  |  Milestone:
     Priority:  normal   |    Version:  Tor: unspecified
    Component:           |   Keywords:  torbirdy, thunderbird, dmarc, dkim,
  TorBirdy               |  adsp, spf, email
   Resolution:           |  Parent ID:
Actual Points:           |
       Points:           |
-------------------------+-------------------------------------------------

Comment (by ioerror):

 TorBirdy merely ensures that you're connecting everything over Tor as well
 as disabling any leaky or obviously exploitable component. This means that
 with TorBirdy, your connection to your SMTP server is over Tor. As I
 understand it, DMARC should not impact the end user as long as their SMTP
 server is properly configured to handle it.

 As an example, if you connect to Gmail with Tor Browser or TorBirdy, does
 DMARC fail?

 Please give specific examples of failures - full headers and everything
 required to reproduce it.

 I think that generally, we need not worry about this for TorBirdy. If your
 mail server is going to Narc you out, they'll only get as far as the Tor
 Exit node. That is why users are using Tor - exactly for this kind of
 privacy invasion. Obviously, people should use mail servers that don't
 leak this kind of data but if they do, they'll at least not leak their
 home/work/other IP address.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12821#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list