headers in email

Mike Cardwell tor at lists.grepular.com
Mon Oct 8 09:21:28 UTC 2007


Gregory Maxwell wrote:

>> You could set up a gmail account via tor. Then point a stunnel at
>> smtp.gmail.com port 465 over Tor using tsocks or something. Making sure
>> you have a copy of their public cert first and that the stunnel
>> validates it. I set this up and pointed my MTA (Exim) at it just for a
>> play at one point. I had to make sure Exim stripped the Received headers
>> and sent a suitably anonymous EHLO when talking to their service but
>> otherwise it worked.
> 
> It's hard to tell if your SMTP client or stunnel itself send
> identifying information. :(

I initially set Exim to freeze the messages in the queue so I could 
inspect their headers and body, to check for just this. You can then 
flush an individual message using "exim -v -M message_id" allowing you 
to watch all communication going back and forth between the two servers.

I never considered that stunnel might send identifying information of 
some sort though. Hmmm. Does anyone have any experience of using stunnel 
  with tsocks over the Tor network?

Mike



More information about the tor-talk mailing list