what about SMTPS over Tor?
a.y.main.contact at googlemail.com
Wed Jan 2 08:16:45 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
On 12/25/07, anonym <anonym at lavabit.com> wrote:
> So I'm investigating the possibility of using SMTPS (i.e. SMTP over SSL)
> on Thunderbird with Torbutton. In fact, this email should have been sent
> over Tor. But as we know, there are several issues with using a mail
> client and SMTP with Tor.
One way to go would be to offer your SMTPS-server as a hidden service
and publish it's .onion-name to your users.
That works around any exit-policy-issues.
> Standard SMTP seems to be completely blocked. BTW, is it possible to do
> queries over all exit nodes to see which of them that allow certain
Yes, there is a dns-service that you can use to query if
a given ip is an exit-node and allowes connection to a given port(+ip).
(Not perfect yet.)
> * The mail header might contain identifying information
> - From my experiments, I've seen fields like User-Agent, x-mozilla-status,
> x-enigmail-version and openpgp (key ID and key URL) which are not
Your smtp-server can send mails through scripts and thus remove/rewrite
these lines. This can also be done on a local sendmail that the client uses
(thus no need to trust the server) instead.
Rewriting all the ".onion" in the headers also helps with servers that
to be valid dns-names.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the tor-talk