headers in email
Mike Cardwell
tor at lists.grepular.com
Mon Oct 8 08:50:31 UTC 2007
Florian Reitmeir wrote:
>> The better way(tm) to do this would be to just run an open SMTP server
>> as a hidden service, and run spam filtering, hashacash proof-of-work
>> challenge, whatever anti-abuse stuff you want, along with header
>> munging and striping, ... and advertise this server for people to set
>> their SMTP out to...
>
> Sure. thats a really good hidden service,
>
> As sender ..
> - i don't know where the server is, and who its operating..
Not really. Just send yourself an email and look at the Received headers
when you get it. That will tell you exactly where the server is.
> As receiver
> - i see a open relay ..
They wont see an open relay. To see an open relay suggests you have some
way of performing a test to relay mail through it.
> As user
> - is send a mail, and someone alters it, because he feels it rights.. or
> thinks its "the best" todo
This is the problem with Tor. I guess you could use PGP.
I'd be tempted to use authenticated SMTP with a hidden service and make
people sign up, so you can rate limit what they send.
> Its truly the best combination of all Tor can provide.
You could set up a gmail account via tor. Then point a stunnel at
smtp.gmail.com port 465 over Tor using tsocks or something. Making sure
you have a copy of their public cert first and that the stunnel
validates it. I set this up and pointed my MTA (Exim) at it just for a
play at one point. I had to make sure Exim stripped the Received headers
and sent a suitably anonymous EHLO when talking to their service but
otherwise it worked.
Mike
More information about the tor-talk
mailing list