[tor-talk] tordns incapable of MX lookups (was Basics of secure email platform)

Conrad Rockenhaus conrad at rockenhaus.com
Sun Nov 24 03:30:57 UTC 2013


On Sat, Nov 23, 2013 at 8:04 PM,  <tor at lists.grepular.com> wrote:
>> >>   1) Create a list of tor exit nodes that do not block port 25
>> >>   2) Command the tor daemon to exit those nodes exclusively.
>> >SSL-SMTP configured to works over 465 port in most cases.
>> On Windows Yes.
>> SMTP over ssl/tls is configured on port 25. Starttls, aca
>> submission, is configured for port 587
>
> You guys are getting hung up on the wrong thing.  Before talking ports
> (which is a non-issue), realize that tordns cannot do an MX lookup.
> This remains the biggest hurdle to sending mail.
>
> Postfix must run with a transparent proxy (no SOCKS proxy capability),
> so it relies wholly on tordns for MX lookups.
>
> Torsocks has a (now broken) feature to disable TorDNS.  If tordns
> could be disabled, then postfix could do an MX lookup.  It would be a
> leak, but at least it would work.  At the moment, the tordns disabler
> has been removed, so there is no hope of running a mail
> server... Unless someone comes up with a SOCKS-capable mail server.

Well, there's a way to get this done, but it's not a *nix based
solution.  You can utilize ISA Server, Microsoft Exchange, and the
Socksv4 firewall client.  Use the ISA Server to centrally connect to
Tor, use the Socksv4 client to let Microsoft Exchange connect via
socks to the client.  It's something I'm willing to try out and see if
it works if anyone wants to know the results of such test, but I'm
pretty sure this type of solution should work.

-Rock

-- 
Conrad Rockenhaus

http://www.rockenhaus.com/
http://www.lagparty.org/~conradr/
-------------- next part --------------
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.22 (MingW32)

mQGNBFKLfOwBDADgdC8rA0FY8WFBllGZWogsOGSh7YvwA50OwNnlb//j/U9A8WCi
jL+KAHm/eaaHne6R0t2SvIVTkC/tNljb9ylUKSsb8F2+5JDEb1k0Za2bJCM1BqkW
M8mpcu+VYdhOqCRKr2mIV34gD8XQhOi9Z95VGH2aUoIShSeTUU9gFC9r9MGiZrue
Sdxaq+n1rDaadPwg1fuCmiDyN6kTDGpbxIzSuEuXpat+Yif4styvwXTq5oYHZG5t
WikEJUcoY6S2rH/qhfU4K/kuAKK2m5IfawP3+bD3iaD+cQrTtjVdGXCOUVbogVEj
uGDugwGAWe8sJoSX/HxbzE6gKFlgbwDRNjDdU21YJJCyYXAdwAIx+uzBcFBtcWtl
OEWamE23i0O/koaYQKi5AxBrUTKBfKenmF98L5hCbd8v6dMHhjepJj8OZ1hMOxw+
NnHI38h40TEZmgj8+GuyG2yJIPgl/+baqZciJzsY0tf6k2FAHcebpCuwwXUMyxpF
zDlHM+CMwy9LhosAEQEAAbRFQ29ucmFkIFJvY2tlbmhhdXMgKE5ldyBHUEcgS2V5
IC0gUmVwbGFjZW1lbnQpIDxjb25yYWRAcm9ja2VuaGF1cy5jb20+iQG/BBMBAgAp
BQJSi3zsAhsDBQkGCTokBwsJCAcDAgEGFQgCCQoLBBYCAwECHgECF4AACgkQwzp0
fZg53n+ldgv/dOCxNCDlNNExStot90KZvMELGqDQs7A7LN5LJHLJmPR4s93b3xUB
GW6TrJEn+bwrvPsc2IERvYDjHd7618pCm83tRB+yD5xqdd2wzeFO0CxrdhSsCLeQ
MvQyW6ObEL/OyZN90jWIIab8KffHdWpnn3cGbEmpGBFT34gV7aEgUtCn3w+sCpll
gth6z5tI0Gd6wVCzd02hfjtKvFrHcmI9I6V/HlcF2cKSzJwUPozwelTGl6v80lBf
CCGWZ9itJ2kL1H0CZuienwgqielhundCwu+NiJZJE9X5R9kAgqF/6HdZd0DxIlmY
7GDLZn84xBfBLQWtV/skysK81f4HAk2CJF80DO9+k2IqRnwfvhNIzNAI2WE7jjr/
yeZa3H0hvjG2PBhNeMByk3rQoI1Vhp37QAuta6lPRSJV6XOC0ZsMAYvS3PXBkXqO
uEx/hgATl24M9Ziyryd3aYtLyQpJup/Q1GB7MRjRoNxUTt96LGef16MiY5qqfEF7
swMm4VnWK5JVuQGNBFKLfOwBDACfae2k6ehQ9q6CTteFbNnrVCJWK/dQlkT53cDS
xX+hLI+P/8SVQ3PrTvmHo+6ihTEp11TlmjpB7tGuuSH6kZD3e8vuiqdibzOkjot4
l4dU3K8Rs/pCM8sTsMWUoZlK8iSTWJmi1RVO3A5/MshPFN9X/SSv5wZ8Cop+ME//
hvrRpcPwGz4tE9ULkeIRVaPicmh8IeQDfTeKDrwgU+Sm5DKVGTWk74dieQ1jcS7I
zJCAv0Z6U+GKNVwby/HX1z3wPGQvHrmMtcXbUYBDYkMgr71YOtwqpfvFej1VrUrR
y1jbCtztgCKESN1C9VAQEggSTExMUdYCpImKYk9DAsydl2p96Wo7rFgP1Ryru9oY
76tw5h7AhegJJqY9ZmCP0as4LtASRSXjY8DOAtRnM2V5jB7Cn1mFGTpEps6ykCiG
2vDLEnLZ5zn2l1S+Ka/EsSbQCUFgOyJBlTJLBbd9a4/Z/FxMcIKfWY/WbTyJMTsQ
XJoejHzTRDcK6VcXcszEjYv8d3kAEQEAAYkBpQQYAQIADwUCUot87AIbDAUJBgk6
JAAKCRDDOnR9mDnef0YCDAC6YZhvuvIuoykfL6XfFHGNg+EKGPPQ0JkcJXambMnc
duINru44VIKFfCi8NeHV9KmPmMKPFXVlpnxqNS9AZJVjBiFSztsET2uDLu3BASza
6sHEIshXrhoU7VoiGQEC17NIurByrAztPXOAGLkeOOH/oPhdkKlyOJ8nxiKxFGzG
/No6ejcrzKoZ0Zi62aOp9kOxXan8zyrc5o0mTUnDAyKSU9+niiiwifYVhI284n6G
wiCdkCFxG22x5MkYafWIR+z58cTLSTtUfqzxBE/nXTFaS+MvBueCpoo+DhSpsTHw
sy3qDpHIRdx+T/E+Nh/g3B5EHgUEt2R3Q8mdgtYUyQkc5VE9XuZ+FaU7yA6kSBRx
DdO/0zgSjh78LwwD3BHmZI6dzDRX4MHKjCAWU5YZnL5iu63Msr1EGkfsAYQmuLCk
8NN1ZXJPDT8bS3coPawDMXhrbI6LCiQ2S1GJH4aLhmTfFZ/KAs1IUddlkp0Dm/II
V/cr6DHoVJlLzdHp9RdA/2U=
=d3ja
-----END PGP PUBLIC KEY BLOCK-----


More information about the tor-talk mailing list