[tor-talk] Secure email with limited usable metadata

Moritz Bartl moritz at torservers.net
Mon Jul 1 16:41:18 UTC 2013


Hi,

Thank you for raising this topic once again. Toying with the idea of
"better" email for quite some time, I think there are direct and practical
things you can offer.

> i was thinking about pointing the mx record of the tld to a mail 
> server that is shared with other individuals. the server
> is configured to drop incoming non-tls smtp connection from other
> mail server. On a per account basis, every message that is not
> encrypted to the public pgp key of the address is dropped, too.
> users use pop3/smtp over a hidden server to download/send messages.

See https://github.com/moba/pgpmilter for a small prototype script that
rejects non-PGP mail. Exim seems to have the configuration option for
that somewhat built-in.

I'd go further and forward mail from the mx to hidden services
configurable by the user.

> if inbox size is limited to a few mbs

I'd maybe want to limit the amount of email a user can *send* in a given
time span.

> any cheap vps

I would not want to use VPS for a service like this.

> a trusted umbrella organization is needed 

Working on something like it.

> is the tor project or torservers.net interested in running
> such a service?

Torservers.net is currently a project under a German non-profit. In
Germany, every email provider with more than 10k users has to provide
lawful interception.

See
https://www.bundesnetzagentur.de/SharedDocs/Downloads/EN/BNetzA/Areas/Telecommunications/TechTelecomsRegulation/TechImplementIntercepts/02EUenTRTKUEV62August2012pdf.pdf

I'd like to see a full design for it first, and then the components, and
the configuration for each component, so this is easy to set up and
replicate by anyone. For example, how do I configure Postfix to relay
certain incoming mail to a configured hidden service, how do I make it
so it only rejects non-PGP mail for some accounts, etc.

-- 
Moritz Bartl
https://www.torservers.net/
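
The per-account rejection of non-PGP mail discussed in the message above, as an added Python example; it is not code from pgpmilter, from this post or from its author. The account set `PGP_ONLY`, the function names and the sample messages are assumptions constructed for the illustration.

```python
from email import message_from_string
from email.message import Message

BEGIN, END = "-----BEGIN PGP MESSAGE-----", "-----END PGP MESSAGE-----"
PGP_ONLY = {"alice@example.org"}  # hypothetical accounts that opted in to PGP-only

# Constructed sample messages (armor bodies are placeholders, not real ciphertext).
INLINE = f"To: alice@example.org\nSubject: hi\n\n{BEGIN}\n\nplaceholder\n{END}\n"
PLAIN = "To: alice@example.org\nSubject: hi\n\nhello in cleartext\n"


def _text(part: Message) -> str:
    """Decoded, stripped body of a non-multipart part."""
    return (part.get_payload(decode=True) or b"").decode("utf-8", "replace").strip()


def is_pgp_encrypted(msg: Message) -> bool:
    """Structural check only: it does not prove which key the data is encrypted to."""
    if msg.get_content_type() == "multipart/encrypted":  # PGP/MIME, RFC 3156
        parts = msg.get_payload()
        return (str(msg.get_param("protocol", "")).lower() == "application/pgp-encrypted"
                and isinstance(parts, list) and len(parts) == 2
                and parts[0].get_content_type() == "application/pgp-encrypted"
                and parts[1].get_content_type() == "application/octet-stream"
                and _text(parts[1]).startswith(BEGIN))
    if msg.is_multipart():
        return False  # any other multipart can carry cleartext parts
    body = _text(msg)
    # Inline PGP: exactly one armored block, spanning the whole body, so no
    # cleartext can ride along before or after it.
    return (body.startswith(BEGIN) and body.endswith(END)
            and body.count(BEGIN) == body.count(END) == 1)


def verdict(recipient: str, raw: str) -> str:
    """'accept' or 'reject' for one envelope recipient of one raw message."""
    if recipient.lower() not in PGP_ONLY:
        return "accept"  # account has not asked for PGP-only delivery
    return "accept" if is_pgp_encrypted(message_from_string(raw)) else "reject"


if __name__ == "__main__":
    for name, raw in (("inline", INLINE), ("plain", PLAIN)):
        print(name, verdict("alice@example.org", raw), verdict("bob@example.org", raw))
```

Subject, From, To and the other headers remain cleartext in both accepted forms, so a filter like this limits content exposure only, not the metadata the thread is concerned with.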

