[tor-talk] Sending email from Tor browser

Sat Jun 14 18:23:12 UTC 2014

On 6/14/2014 12:32 PM, Moritz Bartl wrote:
> On 06/14/2014 01:33 PM, Chen Cecilia Zhang wrote:
>> and the strange thing is : I tried to test the email sending from Tor and
>> without Tor browser, and the IP address shows in the "original email" from
>> gmail are the same....
> How would you think Gmail (as in this example) can know your IP address,
> regardless of whether your mail provider sends it right away or later?
> Tor Browser is designed to keep your IP address hidden from the website
> in all cases.
>
> Gmail, as far as I'm aware, does not put user IP addresses into mail
> headers. What you see in the headers is likely a gmail.com IP address.
>
Yes, just note the address shown on the Tor Check site, then send a msg 
using TBB - *right away.*
The IPa assigned to the msg (if the provider includes it) is based *on 
the address being used when it's sent.*  Whether that's a Tor address or 
if not using Tor, your real ISP assigned address.

Assuming the Tor exit didn't change from the time you looked at it, 
until you sent the msg - a few seconds later, the IPa in email header & 
on Tor Check (or in Vidalia, if used) should be the same.

One possibility why it would fail is if the browser failed to connect to 
Tor network.  But, if that happened, you should see a huge warning about 
that on the TBB startup page.

Reminder to newer users of email & Tor (and to me) - depending on WHAT 
you're trying to keep private AND from whom (from an ISP?... or from the 
NSA?), when you send a "test" message from a Tor created email acct, to 
another acct of yours, theoretically those 2 accts could be tied 
together.  Especially if the provider for the non-Tor acct had your real 
IPa, real mobile phone #, or real name (as for an email acct w/ your 
paid ISP).

No - Gmail or such isn't going to tie the Tor acct to the other email 
address you sent a msg to (at least, not for now), but some more 
powerful entities could do that, if they were interested.
Whether one is talking about any "illegal" or highly interesting things 
in Tor email or not, it should probably be assumed that many / most 
electronic communications are being stored.

If msgs are NOT encrypted w/ something strong like PGP, it probably 
should be assumed that they could be decrypted (if "they" were so 
inclined).  And if the msgs are just stored today, it's a distinct 
possibility even strong encryption could be broken in the not too 
distant future.