[tor-talk] Secure email with limited usable metadata
Moritz Bartl
moritz at torservers.net
Mon Jul 1 16:41:18 UTC 2013
Thank you for raising this topic once again. Toying with the idea of
"better" email for quite some time, I think there's direct and practical
things you can offer,
> i was thinking about pointing the mx record of the tld to a mail
> server that is shared with other individuals. the server
> is configured to drop incoming non-tls smtp connection from other
> mail server. On a per account basis, every message that is not
> encrypted to the public pgp key of the address is dropped, too.
> users use pop3/smtp over a hidden server to download/send messages.
See https://github.com/moba/pgpmilter for a small prototype script that
rejects non-PGP mail. Exim seems to have the configuration option for
that somewhat built-in.
I'd go further and forward mail from the mx to hidden services
configurable by the user.
> if inbox size is limited to a few mbs
I'd maybe want to limit the amount of email a user can *send* in a given
time span.
> any cheap vps
I would not want to use VPS for a service like this.
> a trusted umbrella organization is needed
Working on something like it.
> is the tor project or torservers.net interested in running
> such a service?
Torservers.net is currently a project under a German non-profit. In
Germany, ever email provider with more than 10k users has to provide
lawful interception.
I'd like to see a full design for it first, and then the components, and
the configuration for each component, so this is easy to set up and
replicate by anyone. For example, how do I configure Postfix to relay
certain incoming mail to a configured hidden service, how do I make it
so it only rejects non-PGP mail for some accounts, etc.
Moritz Bartl
More information about the tor-talk
mailing list