Date: Mon, 2 Mar 2015 19:59:32 +0000
From: Martijn Grooten <martijn@lapsedordinary.net>
To: tor-talk@lists.torproject.org
Message-ID: <20150302195932.GA21183@lapsedordinary.net>
References: <54F47E8E.6040908@infosecurity.ch>
MIME-Version: 1.0
In-Reply-To: <54F47E8E.6040908@infosecurity.ch>
User-Agent: Mutt/1.5.20 (2009-06-14)
Subject: Re: [tor-talk] Fixing the problem of sending email from Tor: Proof
 of Work based system
Content-Type: multipart/mixed; boundary="===============1207024496529558665=="


--===============1207024496529558665==
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="tKW2IUtsqtDRztdT"
Content-Disposition: inline


--tKW2IUtsqtDRztdT
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Mar 02, 2015 at 04:15:26PM +0100, Fabio Pietrosanti (naif) - lists wrote:
> at GlobaLeaks we're encountering a lot of issues related to sending of
> email notification behind Tor, with almost any email provider.
>
> If the sender provider doesn't block you today, it will block you tomorrow
> at random.
> If the recipient's provider doesn't mark you as Spam today, it will do it
> tomorrow at random.
>
> That's a known Tor's outgoing email problem, still unfixed.

So if I understand you correctly, you mean the following two problems:
a) using Tor to connect to a third-party provider (Gmail etc) won't
always work as the connection is sometimes blocked;
and
b) using Tor to connect to the recipient's mail server on port 25, if
you find an exit node that allows you to do so, will often result in the
connection being blocked, because spammers use the same exit node as
well, resulting in blacklisting?

Your solution, as I understand it, is for Tor exit nodes that allow
outgoing connections on email ports to require a proof-of-work from the
client, to prevent spammers from abusing it.

A few thoughts:

* Proof-of-work to combat spam is an old idea, which many people believe
doesn't work, because spammers do have huge resources.[1] This may be
less of an issue here as senders may be willing to do a lot more work,
given that they explicitly choose to be behind work.

* Like it or loathe it, IP addresses play a very important part in
today's email infrastructure. To achieve good delivery rates, it is
advisable not to change IP addresses too often. With Tor, you'd be
changing them all the time.

* IP addresses aren't the only part of email that can be traced to you.
Domains can as well. That is worth keeping in mind here as well. (As for
DKIM, in theory this would allow mail servers to ignore the IP address
and just look at the domain. In practice I doubt any mail server does,
if only because they know the IP address much earlier during the SMTP
transaction.)

* This would essentially require the exit node to perform a
man-in-the-middle, at least on the level of meta-data, as it would have
to be able to distinguish between you sending 1000 short emails to
example.com users and you sending one very large email to an example.com
user.

The latter still applies if you merely want to submit email to a mail
server that performs the delivery for you, rather than directly connect
to the recipient's mail server.

As for the idea of a "Per Port Exit OutBoundAddress", it is good to know
there are other reasons why people might want to prevent certain IP
addresses from sending email, not just spam: (perceived) abuse,
censorship etc. Introducing such a single point of failure sounds like a
bad idea.

Martijn.

[1] http://www.cl.cam.ac.uk/~rnc1/proofwork.pdf


--tKW2IUtsqtDRztdT--

--===============1207024496529558665==--
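Added example, not part of the message above and not Tor code: a constructed illustration of the metadata point in the reply. Two client-side SMTP streams of almost identical size carry 1000 short messages and one large message respectively, so a relay metering work per message has to parse the envelope commands; the STARTTLS case is an addition showing that the envelope is no longer visible once the session is encrypted. All names, addresses and streams are assumptions made up for the example.

```python
# Added illustration: all sessions are constructed sample data, not captured traffic.

def smtp_session(messages):
    """Client side of a plaintext SMTP session; messages = [(recipient, body_lines)]."""
    out = ["EHLO client.example"]
    for rcpt, body_lines in messages:
        out += ["MAIL FROM:<sender@example.org>", f"RCPT TO:<{rcpt}>", "DATA"]
        out += ["x" * 70] * body_lines   # 70-byte filler lines, so no dot-stuffing needed
        out.append(".")
    out.append("QUIT")
    return "\r\n".join(out) + "\r\n"


def envelope_metadata(stream):
    """Extract what a per-message meter needs: message and recipient counts."""
    meta = {"bytes": len(stream), "messages": 0, "recipients": 0, "visible": True}
    in_data = False
    for line in stream.split("\r\n"):
        if in_data:
            in_data = line != "."        # a lone dot ends the message body
            continue
        verb = line.upper()
        if verb.startswith("STARTTLS"):
            # Everything after this is ciphertext: the counts cannot be observed.
            meta.update(messages=None, recipients=None, visible=False)
            break
        if verb.startswith("MAIL FROM:"):
            meta["messages"] += 1
        elif verb.startswith("RCPT TO:"):
            meta["recipients"] += 1
        elif verb == "DATA":
            in_data = True
    return meta


# 1000 one-line messages versus one message sized to match the same byte volume.
BULK = smtp_session([(f"user{i}@example.com", 1) for i in range(1000)])
SINGLE = smtp_session([("user0@example.com", len(BULK) // 72)])
# Stand-in for TLS records following STARTTLS (constructed bytes, not real TLS).
ENCRYPTED = "EHLO client.example\r\nSTARTTLS\r\n" + "\x17\x03\x03" * 1000

if __name__ == "__main__":
    for name, s in (("bulk", BULK), ("single", SINGLE), ("starttls", ENCRYPTED)):
        print(name, envelope_metadata(s))
```

Byte counts for the two plaintext streams differ by less than 1%, while the message counts differ by a factor of 1000; only the parsed envelope separates them.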

