JAP,TOR,Socks proxy ,tunneling and Stunnel

Discussion in 'privacy general' started by Pollmaster, Nov 20, 2004.

Thread Status:
Not open for further replies.
  1. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Any SMTP server which did not add the IP address to the header would be jumped on by spammers the world over since normal ones can catch out a spam-SMTP server using a fake HELO. They do exist (mainly ones running outdated software) but are quite likely to be blacklisted.

    As for SpamGourmet, it is not an email anonymiser - it does include your original address in the headers.

    Given the problems of spam, I would suggest that your only method of using anonymous email is via a web page (accessed via Tor, JAP or whatever...). Just another reason to kick any spammers you know. ;) Or better yet, subscribe them to the Scientologists and let them spam each other...
     
  2. Pollmaster2

    Pollmaster2 Guest

    Don't quite get what you are saying

    [/Quote]
    They do exist (mainly ones running outdated software) but are quite likely to be blacklisted.[/Quote]

    That's why if Tor could work, it would be great. No need for the SMTP server to fake anything.
     
  3. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Adding IP addresses to mail headers is a standard feature of any mailserver software. Only very old versions do not do this.
    It would be great for spammers who would then deluge Tor with all their junk mails. If this happened, Tor's performance would drop through the floor until every Tor server ended up on an email blacklist.
     
  4. Pollmaster2

    Pollmaster2 Guest

    Huh? The smtp servers would allow you access only if you could authicate yourself. So if anything goes wrong, they know who exactly to shut down. No?
     
  5. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    SMTP (as defined in RFC 821) offers no means of authentication. Either a mail server has to use an extension to SMTP (such as that covered in RFC 2554) or require a POP3/IMAP connection first (which does require authentication). SMTP extensions may not be supported on all servers and the POP3/IMAP approach requires you to use the same IP address for the SMTP connection - which cannot be guaranteed on Tor where each connection may exit via a different server.
     
  6. TRYU

    TRYU Guest

  7. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
  8. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,312
    Location:
    Here, There and Everywhere
    I wonder when people look up JAP on Google and then post the backdoor notices they don't also find links to the posts that show that what happened, in the long run, was a good thing. It is a perfect example as to how and why open source works! Had this been a closed souce private compnay that received that subpoena and complied, it might still be backdoored and nobody would know. It's a textbook case of why open source is always better when it comes to security tools.
    Gerard
    ps: Another example is Window Washer and a BIG bug. If you run WW, do yourself a favor and run a quick test. Make a simple text file, make sure WW is set to 'bleach' at its safest level and run the program. Now, check with WinHex or Directory Snoop or something similar. Is it gone? Surprise if you're using almost all releases of 5.0+ The file is still there and fully recoverable! If it had been an open source program, it would have been discovered right away that the program itself was actually disabled to 'bleach' for nearly a year.
     
  9. AlbatroS

    AlbatroS Registered Member

    Joined:
    Sep 19, 2004
    Posts:
    11
    I tried to send to myself an email using SOCKSified Thunderbird. It works, but... my local IP is stored in headers together with TOR IP. Any workaround?
     
  10. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    An excellent point indeed.
    Your email software adds this information. To avoid having your address included in email headers you need to use an anonymizing remailer service (AJohn mentions a couple above).
     
  11. AlbatroS

    AlbatroS Registered Member

    Joined:
    Sep 19, 2004
    Posts:
    11
    What if I register and use whichever webmail service using TOR? That's because in the past I used remailers Ajohn mentioned and they lost a lot of messages :(
     
  12. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    That was the recommendation given in post #26 above...
     
  13. ?Zrat

    ?Zrat Guest

    Please can you tell how this can be configured on a firewall. I'm using sockscap, with TOR, along Sygate Pro.
    Thanks for your help
     
  14. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Please see the Setting up Tor/Proxomitron+SocksCap thread for details on firewall configuration.

    Do note however that Sygate has a rather nasty loopback vulnerability which means that any application can gain Internet access using the permissions given to local proxy applications like Tor or Proxomitron. Since this can include any trojans or malware, using another firewall that can filter localhost traffic better is advisable - or using an anonymizing service that does not need a local proxy (Anonymizer's basic service where your browser makes an encrypted SSL connection to its website being one example).
     
  15. ?Zrat

    ?Zrat Guest

    P2K, thanks for your reply.
    I already have TOR, and sockscap running and configured. My concerne is only how to restrict the browser to contact the proxy only, and do not accept a direct connection to web page?

    I didn't get the idea, if I restrict through ports, how can the firewall tell if the connection is comming from a proxy server, or directly from the web page?
     
  16. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Allow the browser to connect to the localhost address 127.0.0.1 only
    Most personal firewalls (Sygate included) monitor which applications are requesting a connection, so it is possible to create a rule for application X allowing it access to address Y using port Z. However, Sygate does not filter attempts to access local proxies so if you create a rule for such a proxy, any other application can connect to this proxy and send data through it, gaining network access.
     
  17. ?Zrat

    ?Zrat Guest

    Thanks P2K, your expertise is highly appreciated
     
  18. DougWD61

    DougWD61 Registered Member

    Joined:
    Dec 1, 2004
    Posts:
    15
    That is because TOR blocks SMTP on the regular SMTP port (forgot what it is). I've been wanting to set up my own mail server using MS XP IIS, setting it to a diffferent port for SMTP, and then seeing if I can send using my own SMPT server on my regular box. I'll bet it would work. If so, we can all ahve our own proxified, encrypted SMTPs, and there is nothing anyone can do about that. Note that some ISPs block the normal SMTP port, so you will need to change it. Cox blocks port 80 so people can't easily run webservers. You can use a service that will automatically redirect traffic to your odd web port, or you can use any other port. If you use a web server for personal traffic (I use mine to exchange large files with friends and with my small web design business between clients) simply changing the port for HTTP to 8080 work, and looks like: yourispnumber:8080 as a URL.

     
    Last edited: Dec 16, 2004
  19. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    If I'm running Tor and Privoxy, is there any further benefit to adding Sockscap to the mix?

    If so, how do you go about it? (I saw the configuration screen for SocksCap in another thread, but I couldn't figure out whether that was in a set-up that already had Tor & Privoxy running, or just for Tor and Sockscap).

    Darn - it's geting complicated, ain't it?Pete
     
  20. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Spy1: Privoxy handles web traffic, so SocksCap would only become necessary if you wanted to run other applications over Tor (Usenet for example, though this appears to be restricted if you check related threads). See the Setting up Tor/Proxomitron+SocksCap for setup details about SocksCap - setup is simple but the 5-second splash screen gets annoying fast. FreeCap is another option, but I've not been able to get it to work on my system.

    Spanner: VPN's are not within the topic of this thread - I'd suggest you create a new one instead in the Other Firewalls forum (your problem is really ZA-related).
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.