Hi all, at GlobaLeaks we're encountering a lot of issues related to sending of email notification behind Tor, with almost any email provider.
If the sender provider don't block you today, it will block you tomorrow at random. If the recipient's provider don't mark you as Spam today, it will do it tomorrow at random. That's a known Tor's outgoing email problem, still unfixed. That's because any provider that's used continuously behind Tor, before or later get abused/will block you (including Google), and because the IP reputation of any Tor Exit Relay on the internet is very bad. So, thinking on how to fix it, why don't create an outbound email system that's based on proof of work to heavily disincentive spammer/fraudster, enabling a Tor user to send email to general Internet users without major problems? If my Tor client computer had to run heavy computations for 15-30s to send a single email, i think that spammer and fraudster will be KO, but an average user could still find it acceptable because a single user is "low volume" but any automated systems are high-volume. A Tor Exit node could require such a "proof of work" from a Tor Client in order to enable a single outgoing connection for that "highly sensible exit port" (25, 465, 587). If this method work, it should be required to improve Tor to run a dedicated "Per Port Exit OutBoundAddress" that would enable to have a dedicated IP address for outgoing connections trough port 25/465/587. This IP address will have a good reputation on the internet, because will be only used by real-users to send a relatively limited amount of emails. That way it would be transparent for the end-user to send outgoing email trough Tor. If this would be in place, the Tor2web inbound SMTP feature #LINKTICKET, to be developed before or later, will complement this picture allowing full inbound/outbound SMTP email traffic. Beware: I'm pro-compatibility, i don't like any "let's make/use a new protocol, Email is dead, SMTP is dead, PGP is dead!" and i concretely think that we shall improve the existing internet-standards to fulfill new requirements, rather than create new ones. -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - https://globaleaks.org - https://tor2web.org - https://ahmia.fi -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
