-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/01/08 09:16, anon ymous wrote: > > On 12/25/07, anonym <[EMAIL PROTECTED]> wrote: >> So I'm investigating the possibility of using SMTPS (i.e. SMTP over SSL) >> on Thunderbird with Torbutton. In fact, this email should have been sent >> over Tor. But as we know, there are several issues with using a mail >> client and SMTP with Tor. > > One way to go would be to offer your SMTPS-server as a hidden service > and publish it's .onion-name to your users. > That works around any exit-policy-issues.
Yes, there are some interesting things with this, and i2p already has a nice service for this with some cool features (e.g. hash cash for sending more than a set daily threshold of messages to precent spam). But I'm more interested in smtp on the "open" Internet currently as I don't want to push too many new concepts on the people I try to help, _and_ I need a solution fast (+ I don't have any resources for putting up the required setup for a hidden service email). I would like that smtps got a similar status with Tor as http(s) has. IMHO the issues with http(s) (e.g. javascript, cookies) seem to be far worse than smtp unless I've missed something, so I don't understand while it's not focused on more. At least until all the issues with anonymous remailers have been sorted out (like that you can't reply to messages). >> Standard SMTP seems to be completely blocked. BTW, is it possible to do >> queries over all exit nodes to see which of them that allow certain >> services? > > Yes, there is a dns-service that you can use to query if > a given ip is an exit-node and allowes connection to a given port(+ip). > (Not perfect yet.) Yes, but I want to query over _all_ servers. Or rather, what I'm really interested in is statistics over exit policies. How is the Tor client determining which exit nodes it can choose from? >> * The mail header might contain identifying information >> - From my experiments, I've seen fields like User-Agent, x-mozilla-status, >> x-enigmail-version and openpgp (key ID and key URL) which are not > > Your smtp-server can send mails through scripts and thus remove/rewrite > these lines. This can also be done on a local sendmail that the client uses > (thus no need to trust the server) instead. > Rewriting all the ".onion" in the headers also helps with servers that > check these > to be valid dns-names. > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHe9d/p8EswdDmSVgRAlugAJ9BFy2ccF0NkNTpgXyiSIx2Nd1b7wCg2ND3 yilgEoDhRdyuEo/8438eG4A= =NZst -----END PGP SIGNATURE-----
