Delivery-Date: Tue, 26 May 2015 20:51:11 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id D7C651E0F8E;
	Tue, 26 May 2015 20:51:09 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 6C63C352F2;
	Wed, 27 May 2015 00:51:03 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id A9365351DC
 for <tor-talk@lists.torproject.org>; Wed, 27 May 2015 00:50:59 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id NoqU16iRhQgP for <tor-talk@lists.torproject.org>;
 Wed, 27 May 2015 00:50:59 +0000 (UTC)
Received: from mail.confidantmail.org (mail.confidantmail.org [54.213.166.118])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id 84548350BC
 for <tor-talk@lists.torproject.org>; Wed, 27 May 2015 00:50:59 +0000 (UTC)
Received: from [192.168.1.137] (rrcs-24-43-0-6.west.biz.rr.com [24.43.0.6])
 (Authenticated sender: mike)
 by mail.confidantmail.org (Postfix) with ESMTPSA id DB327A2248;
 Wed, 27 May 2015 00:50:55 +0000 (UTC)
Message-ID: <556514E0.1020205@confidantmail.org>
Date: Tue, 26 May 2015 17:50:40 -0700
From: Mike Ingle <mike@confidantmail.org>
User-Agent: Thunderbird 2.0.0.22 (Windows/20090605)
MIME-Version: 1.0
To: tor-talk@lists.torproject.org, lynX@time.to.get.psyced.org
References: <CAD2Ti2-qdymrnM-nHqP2sVBYP=notY6sW54dQ1to-KTbkTEY4A@mail.gmail.com>
 <555E2BFC.6000709@rawbw.com> <20150526233633.GA1790@lo.psyced.org>
In-Reply-To: <20150526233633.GA1790@lo.psyced.org>
Subject: [tor-talk] Confidant Mail, was re:  Mailpile SMTorP
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Confidant Mail is another next-gen mail architecture worth a look. You 
can access
servers directly, via exit node, via hidden service, or via I2P. You can 
have your mail
hosted on your own server, on someone else's server, or in the 
Distributed Hash Table.
In the "server" case there is no limit on attachment size. You do not 
have to be online at
the same time as the recipient.

It's written in Python and uses PyOpenSSL and gnupg encryption. If you 
are looking for
next gen email over Tor, look here: https://www.confidantmail.org

Mike

On 5/26/2015 4:36 PM, carlo von lynX wrote:
> On Thu, May 21, 2015 at 12:03:24PM -0700, Yuri wrote:
>   
>> On one hand, Mailpile is after security, which is great. But on the
>> other hand they use node which doesn't sign packages, therefore
>>     
>
> What a shame! Somebody please fix this node thing. I can't
> believe these nodejs enthusiastos are playing around with all 
> kinds of crypto something javascript applications but build 
> on top of a house of cards.
>
> I still have plenty of criticism for SMTP and the idea of
> doing PGP on top of SMTP but having the server run as a
> hidden service from my own laptop gives this architecture
> quite a legitimacy boost.
>
> While with a mail system like Pond the few popular servers
> can be deanonymized by confirmation attack, then taken over
> by authorities and subdued to send traffic shaped messages
> back to the users, thus slowly deanonymizing the entire
> social graph of Pond users... SMTorP appears to me to be a
> better idea.
>
> With both send and reception points on the user's laptop,
> an attacker that wants to inject a traffic shape into the
> Tor network needs to take over the laptop itself. From my
> understanding there is no other place on the network
> where that sort of attack would be successful.
>
> If that is true, that would be a great progress. Too bad
> that the old problem of both having to be online at the
> same time is re-introduced. We could have started using
> Retroshare over Tor two years ago to achieve the same goal.
> Retroshare looks a little less fancy than Mailpile, but
> it doesn't need any pip or node.
>
> Also Framstag's sendfile SAFT implementation can be a neat
> quickfix solution. The server is easily pluggable into a
> hidden service and provides for mail-like spooling of 
> messages and native binary file transfers, without all
> the overhead of e-mail.
>
>
>   

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

