Determine the most reliable way to send mail from a server running Tor hidden services

iflowfor8hours / sandcastle

An opinionated configuration for running sandstorm with a focus on security and paranoid assumptions

MIT License

28 stars 10 forks source link

Determine the most reliable way to send mail from a server running Tor hidden services #29

Open ckxng opened 8 years ago

ckxng commented 8 years ago

Web applications may assume that email is readily available, and may even use it as an authentication method (login with email address). We should research which email delivery methods are most reliable, and do not reveal the location of the server running hidden services.

The solution should be:

Easy to use
Reliable (not arriving in junk mail)
Private (not revealing the IP address of the server)

jacksingleton commented 8 years ago

https://riseup.net do not embed the IP address of the sender and even have onion addresses for their servers.

jacksingleton commented 8 years ago

I think we should just recommend always using an external MTA that you can rely on when running a hidden service you want to remain anonymous.

ckxng commented 8 years ago

I have not used riseup as an MTA, but it sounds like it could be a good fit. Since setting up a smarthost with authentication is not trivial, we should see about how we can configure this using ansible variables.

jacksingleton commented 8 years ago

Currently we just rely on configuration inside the Sandstorm admin console to allow us to enter an outgoing SMTP server (as in, a manual process).

Not sure if sandstorm has a config file option for outgoing SMTP server... I would think so.