OmniMix • Tutorial • Tor • TorPlus • OrMail

The major advantage of remailer networks is the unpredictable latency at each server of the delivery chain, which renders correlation attacks useless and contributes substantially to their extremely reliable resistance against all kinds of attacks. But that latency may be intolerable for time-critical missions, where confirmation of a successful transaction is also mandatory, which remailers can't provide either.

That's where direct e-mail communication between sender and recipient through the Tor network may be a viable solution.

It gives you hidden, end-to-end encrypted data transfers in real time, e.g. between OmniMix installations, which are connected by a circuit of up to 9 anonymizing Tor nodes, without the need for an additional external mail server.

Like anonymous remailing through the Mixmaster and Yamn networks, OrMail integrates seamlessly into your mail management infrastructure. Use your standard mail client, which may already be configured to route all traffic through OmniMix. Based on an OrMail recipients list within OmniMix, matching mail is delivered directly through the Tor network and the destination's Tor Hidden Service to its SMTP server. You only have to know the recipient's .onion address and the port number that service uses. From there the recipient's mail client downloads stored messages with a POP3 command. Similar to its nym account management, OmniMix supports multiuser environments with OrMail as well, since multiple mail recipient ('To: header') patterns can be defined for each user. Furthermore, you're not restricted in the number of separate Tor Hidden Services, and thereby identities, usable for different tasks.

First make sure that the OrMail SMTP server is activated and running at the TorPlus > Server tab, indicated by a white background of the 'Port' field. If it remains grey even after a restart of the OmniMix servers, there may be a port conflict, with that number already being occupied by another server, so try a different one.

Tutor_TorPlus_OrMail_Server

Then go to the TorPlus > HSvcs tab to set up such a Hidden Service for incoming OrMail by clicking the '+' button to add a new item.

Tutor_TorPlus_OrMail_HS_Edit

Create a new folder where Tor stores the Hidden Service data, such as the .onion address it computes at a later restart. Then enter a random external port number at 'Port Ext'. It's better not to use a standard port, which is easier for an adversary to detect. Set 'Int Address' to '127.0.0.1', the local computer, as the device where the OrMail SMTP server resides, and enter its port number into the 'Port Int' field.

With a restart of the OmniMix servers and Tor, the system is ready to receive OrMail messages. That's when the Hidden Service's .onion address is created and becomes visible in the AddrExt column of the Hidden Service table. A click on the '*' button of the Hidden Services list now copies the complete OrMail address, which looks like 'ormail2q4v4tsqtqludlts4cbmk5y5u2d74x6aus7tol642uxi2qh3yd.onion:54321', to the clipboard, ready to be sent to your communication partner(s).

Tutor_TorPlus_OrMail_HS
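An OrMail address of this form can be checked for typing or transmission errors before it is handed on or entered at the sender. The following is an added example, not part of OmniMix: it applies the checksum rule of Tor's v3 onion address format to a '<host>.onion:<port>' string; the function names are hypothetical and the sample key is constructed.

```python
import base64
import hashlib

VERSION = b"\x03"  # version byte of v3 Hidden Service addresses


def onion_checksum(pubkey: bytes) -> bytes:
    # First 2 bytes of SHA3-256(".onion checksum" | PUBKEY | VERSION)
    return hashlib.sha3_256(b".onion checksum" + pubkey + VERSION).digest()[:2]


def make_onion(pubkey: bytes) -> str:
    """Encode a 32-byte key as a v3 .onion host (builds sample input)."""
    if len(pubkey) != 32:
        raise ValueError("public key must be 32 bytes")
    raw = pubkey + onion_checksum(pubkey) + VERSION
    return base64.b32encode(raw).decode("ascii").lower() + ".onion"


def parse_ormail_address(text: str) -> tuple:
    """Split '<host>.onion:<port>' and reject anything malformed."""
    host, sep, port_s = text.strip().rpartition(":")
    if not sep or not (port_s.isascii() and port_s.isdigit()):
        raise ValueError("expected '<56 chars>.onion:<port>'")
    port = int(port_s)
    if not 1 <= port <= 65535:
        raise ValueError("port out of range")
    host = host.lower()
    label, _, tld = host.rpartition(".")
    if tld != "onion" or len(label) != 56:
        raise ValueError("not a v3 .onion host")
    try:
        raw = base64.b32decode(label.upper())
    except Exception as exc:
        raise ValueError("label is not base32") from exc
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34:]
    if version != VERSION:
        raise ValueError("unsupported onion version")
    if checksum != onion_checksum(pubkey):
        raise ValueError("checksum mismatch (typo or altered address)")
    return host, port


if __name__ == "__main__":
    sample = make_onion(bytes(range(32))) + ":54321"  # constructed key
    print(parse_ormail_address(sample))
```

The check only proves that the string is internally consistent; whether it belongs to the intended partner still depends on the channel over which the address was exchanged.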

Now go to the 'User' Accounts tab, select your own user item (e.g. the 'OmniMix'/'omnimix' entry) and, for testing purposes, add a '^.*$' item, a regular expression term for all possible addresses, to the 'OrMail Addresses' list. Don't forget to set a check mark to activate that entry.

Tutor_TorPlus_OrMail_User_Edit

Finally, at the 'MailP' POP3 client tab, you have to activate OrMail polling ('optional' or 'mandatory') with POP3 downloads by mail clients.

That's it at the receiving end. Now to the easier task at the sender.

Presuming that Tor is already running, first go to the Services > OrMail tab, click the '+' button to add an item, and define the OrMail recipient who gave you his Hidden Service .onion address with the associated port number by entering them at 'HS Address' and 'Port'. Select SSL/TLS 'enabled', as you can expect the OmniMix SMTP server at the destination to support that data encryption method.

Tutor_TorPlus_OrMail_Recipient_Edit

Then at 'Local Address' enter a (short) unique descriptive term that you use as the recipient's address in your mail client, and at 'External Address' the true address, with which your local term is overwritten before OmniMix forwards your message. The name part outside the angle brackets isn't altered by OmniMix.

Caution: Never use potential real-world mail addresses as local OrMail alias addresses, as for security reasons even mail messages that match a deactivated list entry are blocked.

After closing that window check the activation box above the OrMail Recipients list.

Tutor_TorPlus_OrMail_Recipient

Finally, back at the 'User' tab, activate that OrMail address at the 'OrMail Recipients' list for your account, as shown in the picture above, to make it available. Keep in mind that if OmniMix recognizes an OrMail recipient term that isn't unlocked for the respective user, the transmission of that message is aborted to avoid the leakage of information.
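The sender-side rules described above (alias rewrite, blocking on a deactivated entry, abort when the alias is not unlocked for the user) can be modelled as a small fail-closed decision function. This is an added illustration, not OmniMix's code: the class, field and function names are hypothetical, exact matching on the alias is an assumption, and the sample entries are constructed.

```python
from dataclasses import dataclass
from email.utils import formataddr, parseaddr


@dataclass
class Recipient:          # one modelled row of the OrMail recipients list
    local: str            # 'Local Address': alias typed into the mail client
    external: str         # 'External Address': written into the message
    onion: str            # 'HS Address'
    port: int             # 'Port'
    active: bool = True   # activation check box of the list entry


def route(to_header: str, recipients: list, unlocked: set) -> dict:
    """Decide what happens to a message with the given To: header.

    unlocked holds the aliases activated for the sending user.
    """
    name, addr = parseaddr(to_header)
    match = next((r for r in recipients if r.local.lower() == addr.lower()), None)
    if match is None:
        return {"action": "not-ormail"}      # left to the other mail routes
    if not match.active:
        # A match on a deactivated entry is blocked, never passed on.
        return {"action": "block", "reason": "entry deactivated"}
    if match.local not in unlocked:
        # Known alias, but not activated for this user: abort.
        return {"action": "block", "reason": "not unlocked for user"}
    return {
        "action": "tor",
        "target": f"{match.onion}:{match.port}",
        # Only the address inside the angle brackets is replaced;
        # the display name is kept as written.
        "to": formataddr((name, match.external)),
    }


if __name__ == "__main__":
    entries = [  # constructed sample list
        Recipient("bob.ormail", "bob@example.invalid", "placeholder.onion", 54321),
        Recipient("old.ormail", "old@example.invalid", "placeholder.onion", 54321, False),
    ]
    print(route("Bob <bob.ormail>", entries, {"bob.ormail"}))
    print(route("Old <old.ormail>", entries, {"old.ormail"}))
```

The order of the checks is what makes the model fail closed: once an alias is recognized, the only outcomes are delivery through Tor or a block, which is why a real-world address used as an alias would stop being deliverable by other routes.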
