Delivery-Date: Mon, 02 Mar 2015 10:15:41 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	T_RP_MATCHES_RCVD,URIBL_BLOCKED autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id BF05E1E0A74
	for <archiver@seul.org>; Mon,  2 Mar 2015 10:15:39 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id C900D33DB2;
	Mon,  2 Mar 2015 15:15:35 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 3679033D58
 for <tor-talk@lists.torproject.org>; Mon,  2 Mar 2015 15:15:32 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id By-xSi802Pz4 for <tor-talk@lists.torproject.org>;
 Mon,  2 Mar 2015 15:15:32 +0000 (UTC)
Received: from mail-wi0-f170.google.com (mail-wi0-f170.google.com
 [209.85.212.170])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id DCF3A33D01
 for <tor-talk@lists.torproject.org>; Mon,  2 Mar 2015 15:15:31 +0000 (UTC)
Received: by widex7 with SMTP id ex7so15638619wid.4
 for <tor-talk@lists.torproject.org>; Mon, 02 Mar 2015 07:15:28 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:sender:message-id:date:from:user-agent
 :mime-version:to:subject:content-type:content-transfer-encoding;
 bh=bxC4h9s4kcKrdHeUH7kCa94xsboxLK6rcsWmRcDQ/D0=;
 b=lM+k1P/YXlYyUSd5aROiOj+GUTEn9f4eZQ67gO1FPJNlKMxy5Q29ax5GM0XyIqSS33
 oyZE45RSMmwHTt/6QGnfhGKHpz1lbWAzqTUBnx510MELL/ic4iiTTlHApWKAwkZOFXM7
 pGa8hZCnVlDsBEWjO/4+ugZ+5Mn8TDg0wpNReLv2L1Fb9+wtloHzlhcgq6+LvUovP+vr
 W+arPNsYh/jpVMisvObANQe2kLftGLYwq+5Ia29Jw/6lxPTYKvMyxCZuSmILfnvg+q0K
 CK80wbeNiiZxR5cseEMDZsfzmNFwbPFArqL1fbfZsiVce/ezvrbUNzsRp5FFUxyIgS8M
 7/bw==
X-Gm-Message-State: ALoCoQmVv3YEA1qOgQ/vRRIu2gxVIHWO6dK1+wyjUclLOlRckVZDlKRp9iht+RMSdYl/qHVIOnu/
X-Received: by 10.194.94.164 with SMTP id dd4mr60836672wjb.56.1425309328698;
 Mon, 02 Mar 2015 07:15:28 -0800 (PST)
Received: from MacBookAir-2.local (5.40.111.162.static.user.ono.com.
 [5.40.111.162])
 by mx.google.com with ESMTPSA id l4sm16448173wiw.9.2015.03.02.07.15.27
 for <tor-talk@lists.torproject.org>
 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Mon, 02 Mar 2015 07:15:27 -0800 (PST)
Message-ID: <54F47E8E.6040908@infosecurity.ch>
Date: Mon, 02 Mar 2015 16:15:26 +0100
From: "Fabio Pietrosanti (naif) - lists" <lists@infosecurity.ch>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9;
 rv:31.0) Gecko/20100101 Thunderbird/31.5.0
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
Subject: [tor-talk] Fixing the problem of sending email from Tor: Proof of
 Work based system
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Hi all,

at GlobaLeaks we're encountering a lot of issues related to sending of
email notification behind Tor, with almost any email provider.

If the sender provider don't block you today, it will block you tomorrow
at random.
If the recipient's provider don't mark you as Spam today, it will do it
tomorrow at random.

That's a known Tor's outgoing email problem, still unfixed.

That's because any provider that's used continuously behind Tor, before
or later get abused/will block you (including Google), and because the
IP reputation of any Tor Exit Relay on the internet is very bad.

So, thinking on how to fix it, why don't create an outbound email system
that's based on proof of work to heavily disincentive spammer/fraudster,
enabling a Tor user to send email to general Internet users without
major problems?

If my Tor client computer had to run heavy computations for 15-30s to
send a single email, i think that spammer and fraudster will be KO, but
an average user could still find it acceptable because a single user is
"low volume" but any automated systems are high-volume.

A Tor Exit node could require such a "proof of work" from a Tor Client
in order to enable a single outgoing connection for that "highly
sensible exit port" (25, 465, 587).

If this method work, it should be required to improve Tor to run a
dedicated "Per Port  Exit OutBoundAddress" that would enable to have a
dedicated IP address for outgoing connections trough port 25/465/587.
This IP address will have a good reputation on the internet, because
will be only used by real-users to send a relatively limited amount of
emails.

That way it would be transparent for the end-user to send outgoing email
trough Tor.

If this would be in place, the Tor2web inbound SMTP feature #LINKTICKET,
to be developed before or later, will complement this picture allowing
full inbound/outbound SMTP email traffic.


Beware: I'm pro-compatibility, i don't like any "let's make/use a new
protocol, Email is dead, SMTP is dead, PGP is dead!" and i concretely
think that we shall improve the existing internet-standards to fulfill
new requirements, rather than create new ones.


-- 
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - https://globaleaks.org - https://tor2web.org - https://ahmia.fi

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

