nopeitsnothing
commented
2 years ago Disposable (burner) mailing systems tend to be abused fairly often as is the case here. The mailer does indeed work, but it sends mail from a known abuser and is flagged as potential spam.
Test: Privacy/IP leaks:
Result: Pass. Does not leak sender IP/exit and correctly sends. No IP leak occurs.
Test: Security:
Using Tor browser, send mail from site to destination (recipient address and IP redacted). System is disposable VM using Whonix and Tor browser.
Result: Recipient receives in about 2 minutes, but this is likely due to Tor latency.
Full headers of received mail:
... snip ...
Return-Path: <sisatmp@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on [redacted]
X-Spam-Level: **
X-Spam-Pyzor: Reported 0 times.
X-Spam-Status: No, score=2.5 required=6.0 shortcircuit=no autolearn=disabled
version=3.4.6
X-Spam-Report:
* -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at
* https://www.dnswl.org/, no trust
* [[redacted] listed in dnswl.dnsbl]
* 2.0 BAYES_80 BODY: Bayes spam probability is 80 to 95%
* [score: 0.9326]
* 0.1 NO_REAL_NAME From: does not include a real name
* 0.0 MAILPHISH4 Sent by a (cracked?) webmail system
* 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
* 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
* provider
* [sisatmp[at]gmail.com]
* 0.0 ENV_FROM_DIFF0 Envelope From differs from from (eg list)
* -0.0 SPF_PASS SPF: sender matches SPF record
* 0.0 HTML_MESSAGE BODY: HTML included in message
* -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
* -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from
* envelope-from domain
* -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
* author's domain
* 0.1 CK_KARD_SIZE short, card virus size - avoid matches in long
* text
* 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
* valid
* -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
* [redacted listed in wl.mailspike.net]
* -0.1 AM_TRUNCATED Compensate on large message for misfiring rules
* 0.1 TO_NOREAL no real name(s), maybe not list
* 0.1 ENV_FROM_DIFF Envelope From differs from from from (not list)
* -0.0 T_SCC_BODY_TEXT_LINE No description available.
* 0.5 KAM_NUMSUBJECT Subject ends in numbers excluding current years
* -0.0 TXREP TXREP: Score normalizing based on sender's reputation
Delivered-To: [redacted]
Received: from [redacted] ([redacted] [redacted])
...snip ...
Received: from mail-vs1-f68.google.com (mail-vs1-f68.google.com [redacted])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
client-signature RSA-PSS (2048 bits) client-digest SHA256)
(Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (not verified))
by [redacted] (Postfix) with ESMTPS id 4MQlzv1rYSzDq5t
for <[redacted]>; Sun, 11 Sep 2022 23:19:23 +0000 (UTC)
Authentication-Results: [redacted];
dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=IDs2IGQa;
dkim-atps=neutral
Received: by mail-vs1-f68.google.com with SMTP id h1so7277106vsr.11
for <[redacted]>; Sun, 11 Sep 2022 16:19:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112;
h=to:subject:message-id:date:mime-version:from:from:to:cc:subject
:date;
bh=7r7O91+Tu66gxS7R1zL3VS89K0V+gnh8iUvczG9mKA4=;
b=IDs2IGQaYeircz9Oiq1SsIB1Fa027e5Cfj5U3vkk6eeB9Aonk6rba9cn3m/EpZ3mwx
Acv391MDG5tG30BJ7sUi72cBA/KL5C/A7+z8urdKXoofuNQhnO3AF1iNeB7Eouhcfk+l
cWToQrH/rb4p1VKBvdA2tpF1FjAE/DnyPWr7ZlKlmrTMEA7SGwbE2USQVhlX3gMZgFZL
hklzYtjr+PD3087A3Wv/VszFYug437ynWTu0r2ckopbc3WApJ+q0xFQRqnKVBHOHxRww
WC9KRMQD5fj2gHyARae2xX5J4d/AC7Z75QjnUjis+Uqnu0aMTvTdRWSHlFdxwAmY5kTK
baMw==
...snip...
X-Received: by 2002:a67:ff82:0:b0:398:95a9:f31c with SMTP id
v2-20020a67ff82000000b0039895a9f31cmr85739vsq.9.1662938362037; Sun, 11 Sep
2022 16:19:22 -0700 (PDT)
Received: from 281448027559 named unknown by gmailapi.google.com with
HTTPREST; Sun, 11 Sep 2022 19:19:21 -0400
From: sisatmp+9twk5@gmail.com
MIME-Version: 1.0
Date: Sun, 11 Sep 2022 19:19:21 -0400
Message-ID: <CAGWC1s4wDqyf4C959b_uxA3QNHj6JGrteJONW9YrrdeL8EqLpg@mail.gmail.com>
Subject: test 2
To: [redacted]
Content-Type: multipart/alternative; boundary="0000000000005a4bb105e86f028d"
--0000000000005a4bb105e86f028d
Content-Type: text/plain; charset="UTF-8"
Mailnator test 2.
--0000000000005a4bb105e86f028d
Content-Type: text/html; charset="UTF-8"
<p>Mailnator test 2.</p>
--0000000000005a4bb105e86f028d--I would hardly suggest this is good but it's okay. It's usable from Tor ("Safer" settings) and it has basic mail security. But it fails to hide the fact that it's a burner or disposable mail. I would rather not recommend Yet Another Burner Mail when the guide already has this covered using a personal Gmail to use in some cases where you need a "real identity" such as a bank account. This allows you to forward all mails to a more anonymous address at a trusted provider, while deleting the message from the original recipient's (Gmail) servers.
ghost
Please describe the scope.
The email provider list for signing up on sites could use a useful update
Please describe the solution.
emailnator,com is this cool site that gives you various throwaway emails on @gmail.com domains. I found this a long time ago when I searched for disposable email providers online and opened every possible result, back then it used to be on gmailnator.com but the domain died. I just searched the name gmailnator.com online again and found that their new site is emailnator.com.
NOTE: If you add this to your guide, please don't give me credit. I might be deleting this account soon and don't want remnants of it