[tor-bugs] #30608 [Internal Services/Tor Sysadmin Team]: Have a SMTP out only server

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri May 24 22:01:25 UTC 2019 

#30608: Have a SMTP out only server
-------------------------------------------------+---------------------
 Reporter:  dgoulet                              |          Owner:  tpa
     Type:  enhancement                          |         Status:  new
 Priority:  Medium                               |      Milestone:
Component:  Internal Services/Tor Sysadmin Team  |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:                                       |  Actual Points:
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+---------------------

Comment (by anarcat):

 @mikeperry - do you use gmail?

 I don't, and i don't have this problem, as far as I know. I've had
 problems with mail delivery before in #29770 but I resolved it by fixing
 my "enveloppe from". as it turns out, i had a local configuration problem.
 I suspect a lot of those issues are bound to SPF or DKIM configurations
 (not on torproject.org!) that are fundamentally incompatible with email
 forwarding.

 It would greatly help if people would report delivery issues they are
 having with concrete examples, here. as far as I know, the only such
 documented report is the one i did above, in #29770. I won't deny there
 are problems, but I think it would be better to have clear documentation
 of what the issues are if we're going to fix this.

 Tthe other thing is that using the all-powerful LDAP password for email
 means yet another password reuse: then that password, instead of being
 just in your head or in your password manager, needs to be stored, in
 cleartext, in some configuration somewhere. this is very bad. So we'd at
 least need to finish the separation between the "sudo" and "normal" LDAP
 passwords (#6367) and possibly setup another "service" password
 specifically for email. This will, naturally, make LDAP management more
 complex but it's not an impossible task.

 Honestly, it is my belief that companies like Google and Facebook are
 actively trying to destroy the "old" internet standards like email. They
 have done so with XMPP and SMTP/IMAP are the ones that are left. "Delivery
 to gmail.com", as a standard, is not simply a matter of delivering emails
 from torproject.org servers. It's a black box we do not control and that
 do not provide tech support or answer postmaster@ emails, so it's actually
 a very hard problem to solve.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30608#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list