Open ckxng opened 8 years ago
https://riseup.net do not embed the IP address of the sender and even have onion addresses for their servers.
I think we should just recommend always using an external MTA that you can rely on when running a hidden service you want to remain anonymous.
I have not used riseup as an MTA, but it sounds like it could be a good fit. Since setting up a smarthost with authentication is not trivial, we should see about how we can configure this using ansible variables.
Currently we just rely on configuration inside the Sandstorm admin console to allow us to enter an outgoing SMTP server (as in, a manual process).
Not sure if sandstorm has a config file option for outgoing SMTP server... I would think so.
Web applications may assume that email is readily available, and may even use it as an authentication method (login with email address). We should research which email delivery methods are most reliable, and do not reveal the location of the server running hidden services.
The solution should be: