[tor-talk] Tor and forward email to Spam folder.

Ben Tasker ben at bentasker.co.uk
Sun Oct 30 14:49:07 UTC 2016


So, it seems there are some differences which decide whether Google will
include the client IP when using the web interface.

If you're using an "Apps for domain" account, the X-originating-ip header
will be added *every* time, whether you use Webmail or the "Gmail" app on
Android.

If you're using a @gmail.com address then it's not so consistent. I've not
tracked down exactly what the difference are, but it adds it some of the
time.

Doesn't seem to be purely related to logging in from a new IP, could
perhaps be related to the "reputation" of the IP you're connecting from?
IPv4 vs IPv6 doesn't make a difference as far as I can see. Presumably they
only add it when they consider the connection is possibly a risk, otherwise
you'd never add it (or always add it).

So the fuller answer, I guess, is "perhaps"

On Sun, Oct 30, 2016 at 1:21 PM, Ben Tasker <ben at bentasker.co.uk> wrote:

> That's not strictly true.
>
> Under various circumstances, when using webmail, google will add an
> additional header - X-Originating-IP - which contains the IP of the client
> (i.e. your browser) connected to the webmail interface.
>
> Once upon a time, Hotmail used to do it to, though they moved to using a
> hashed version (and X-EIP as the header IIRC).
>
> You won't see the webmail client in "received from" headers though.
>
> On Sun, Oct 30, 2016 at 11:57 AM, Aeris <aeris+tor at imirhil.fr> wrote:
>
>> > You wrong!!!
>> > Google can't reveal client IP. It is an email header, Can you tell me
>> the IP
>> > address of sender?
>>
>> It depends how you send your email.
>>
>> If you use their webmail, your client IP is not send, because first
>> sending
>> SMTP machine is a gmail one :
>>         Received: from imirhil.fr ([127.0.0.1]) Sun, 30 Oct 2016
>> 11:44:18 +0000
>> (UTC)
>>         Received: from mail-it0-x229.google.com (mail-it0-x229.google.com
>>  [IPv6:2607:f8b0:4001:c0b::229])
>>         Received: by mail-it0-x229.google.com; Sun, 30 Oct 2016 04:43:55
>> -0700
>> (PDT)
>>
>> If you use SMTP, your client IP is send because it’s the first sending
>> SMTP
>> machine :
>>         Received: from imirhil.fr ([127.0.0.1]); Sun, 30 Oct 2016
>> 11:45:00 +0000
>> (UTC)
>>         Received: from mail-wm0-x231.google.com (mail-wm0-x231.google.com
>>  [IPv6:2a00:1450:400c:c09::231]); Sun, 30 Oct 2016 11:44:40 +0000 (UTC)
>>         Received: by mail-wm0-x231.google.com; Sun, 30 Oct 2016 04:44:40
>> -0700
>> (PDT)
>>         Received: from aeris.imirhil.fr ([***2001:41d0:fe85:b900::1***]);
>> Sun, 30
>> Oct 2016 04:44:38 -0700 (PDT)
>>
>> This is why on my personal SMTP server, any client informations are
>> dropped or
>> anonymized.
>>         /^\s*(Received: from)[^\n]*(.*)/ REPLACE $1 [127.0.0.1] (localhost
>> [127.0.0.1])$2
>>         /^\s*User-Agent:/        IGNORE
>>         /^\s*X-Enigmail:/        IGNORE
>>         /^\s*X-Mailer:/          IGNORE
>>         /^\s*X-Originating-IP:/  IGNORE
>>
>>
>> Regards,
>> --
>> Aeris
>> Individual crypto-terrorist group self-radicalized on the digital Internet
>> https://imirhil.fr/
>>
>> Protect your privacy, encrypt your communications
>> GPG : EFB74277 ECE4E222
>> OTR : 5769616D 2D3DAC72
>> https://café-vie-privée.fr/ <https://xn--caf-vie-prive-dhbj.fr/>
>> --
>> tor-talk mailing list - tor-talk at lists.torproject.org
>> To unsubscribe or change other settings go to
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>>
>>
>
>
> --
> Ben Tasker
> https://www.bentasker.co.uk
>
>


-- 
Ben Tasker
https://www.bentasker.co.uk


More information about the tor-talk mailing list