The major advantage of remailer networks is the unpredictable latency at each server of the delivery chain, which defeats
correlation attacks and is an important contribution to their extremely reliable resistance against all kinds of attacks.
But that latency may be intolerable for time-critical tasks, where feedback about a successful transaction is also
mandatory, something remailers can't provide either.
That's where direct e-mail communication between sender and recipient through the Tor network may be a viable solution.
It gives you secret, end-to-end encrypted data transfers in real time, e.g. between OmniMix installations connected
by a circuit of up to 9 anonymizing Tor nodes, without the need for an additional external mail server.
Like anonymous remailing through the Mixmaster and Yamn networks, OrMail integrates seamlessly into your mail management
infrastructure. Use your standard mail client, which may already be configured to route all traffic through OmniMix, and,
based on an OrMail recipients list within OmniMix, matching mail is delivered directly through the Tor network and the
destination's Tor Hidden Service to the SMTP server attached to it. You only have to know the recipient's .onion address,
the port number used by that service and whether the receiving server demands a Hashcash token to accept the mail
message. From there the recipient's mail client can download stored messages at any time with a POP3 command. Similar
to its nym account management, OmniMix supports multiuser environments with OrMail as well, as multiple mail recipient
('To:' header) patterns can be defined for each user. Furthermore, you're not restricted in the number of separate Tor
Hidden Service addresses, and thereby identities, usable for different tasks.
First, make sure that at the TorPlus > Server tab the OmniMix SMTP server is activated for OrMail processing.
Then go to the TorPlus > HSvcs tab to set up such a Hidden Service for incoming OrMail by clicking the '+' button to add a
new item.
Create a new folder where Tor deploys Hidden Service data such as the .onion address it computes at a later restart. Then
enter a random external port number at 'Ext Port'. Avoid standard ports, which are easier for an adversary to spot in a
port scan. Set 'Int Address' to '127.0.0.1' for the local computer as the device where the OrMail SMTP server resides, and
enter its port number into the 'Int Port' field. Be aware that conflicting port numbers prevent the server from
(re)starting, so avoid duplicates and assign each entry its own unique internal port. To make mail flooding harder you
may instruct your mail server to ask for a Hashcash token in order to accept an incoming mail message. Do so by entering
a number above zero, usually 24..30, at the 'Hashcash' bit field.
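The Hashcash bit count configured above is a proof-of-work requirement: a sender must find a stamp whose SHA-1 hash starts with that many zero bits, so each message costs about 2^bits hash evaluations, which is what makes flooding expensive. The following added example is not OmniMix code; it mints and verifies a Hashcash v1 stamp (format `ver:bits:date:resource:ext:rand:counter`) in the way a receiving server would check one. The resource name, the 28-day freshness window and the replay set are assumptions for the example.

```python
import hashlib
import secrets
import time

def leading_zero_bits(digest: bytes) -> int:
    """Number of leading zero bits in a hash digest."""
    bits = 0
    for byte in digest:
        if byte == 0:
            bits += 8
            continue
        bits += 8 - byte.bit_length()
        break
    return bits

def mint_stamp(resource: str, bits: int) -> str:
    """Sender side: brute-force a v1 stamp bound to `resource` (about 2**bits SHA-1 calls)."""
    date = time.strftime("%y%m%d")
    rand = secrets.token_urlsafe(12)   # no ':' in the alphabet, so field count stays 7
    counter = 0
    while True:
        stamp = f"1:{bits}:{date}:{resource}::{rand}:{counter}"
        if leading_zero_bits(hashlib.sha1(stamp.encode()).digest()) >= bits:
            return stamp
        counter += 1

def verify_stamp(stamp: str, resource: str, required_bits: int,
                 seen: set, max_age_days: int = 28) -> bool:
    """Receiving side: well-formed, bound to our address, fresh, enough work, not replayed."""
    fields = stamp.split(":")
    if len(fields) != 7 or fields[0] != "1":
        return False
    try:
        claimed_bits = int(fields[1])
        minted = time.mktime(time.strptime(fields[2], "%y%m%d"))
    except ValueError:
        return False
    if claimed_bits < required_bits or fields[3] != resource:
        return False               # too cheap, or minted for somebody else's address
    if time.time() - minted > max_age_days * 86400:
        return False               # stale stamp (assumed window, not an OmniMix setting)
    if leading_zero_bits(hashlib.sha1(stamp.encode()).digest()) < claimed_bits:
        return False               # claimed work was not actually done
    if stamp in seen:
        return False               # replayed token
    seen.add(stamp)
    return True
```

The test below mints at 12 bits so it finishes instantly; a real server at 24..30 bits makes the sender do thousands of times more work per message.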
Now, at the OrMail Address field, you have to enter a regular expression term which defines all 'To:' addresses of the
mailboxes that are bound to that Hidden Service.
With a restart of the OmniMix servers and then Tor the system is ready to receive OrMail messages. That's when the Hidden
Service's .onion address is created and becomes visible in the AddrExt column of the Hidden Service table. A click on the
'*' button of the Hidden Services list now copies the complete OrMail address, external port number and Hashcash bit
requirements, looking like
into the clipboard, ready to be sent to your communication partner(s) along with the arbitrary mail address you intend to
use.
Warning: Keep the preinstalled SSL/TLS Demo Certificate ('omnimix_demo.pem' at the Cert > Server tab) in place if you
intend to use the OrMail SMTP server for anonymity reasons. Otherwise, when replacing it with an individual certificate,
an adversary is able to cross-link your Hidden Services based on that certificate's fingerprint! It would therefore be
advisable to consider setting up separate OmniMix installations for that purpose. And always keep in mind that Tor offers
an adversary many more attack vectors than anonymous remailing, including the usage of nym servers. Convenience has its price.
Now go to the 'User' Accounts tab, select your own user item (e.g. the 'OmniMix'/'omnimix' entry) and, for testing purposes,
add a '^.*$' item, a regular expression term matching all possible addresses, to the 'OrMail Addresses' list. Don't forget
to set a check mark to activate that entry.
At the 'MailP' POP3 client tab you finally have to activate OrMail polling ('optional' or 'mandatory') with POP3 downloads
by mail clients.
That's it at the receiving end. Now to the easier task at the sender.
Presuming that Tor is already running, you first have to go to the Services > OrMail tab, click the '+' button to add an item
and define the OrMail recipient who gave you his Hidden Service .onion address with the associated port number and Hashcash
bits by entering them at 'HS Address', 'Port' and 'Hashcash'. With those communication parameters present in the clipboard,
formatted as mentioned above, they are quickly pasted from there by clicking the '<' button. Select SSL/TLS 'enabled', as you
can expect the OmniMix SMTP server at the destination to support that data encryption method. Tor connect / read timeout
intervals are taken from the AnoMailS > Direct tab.
Then at 'Local Address' enter a (short) unique descriptive address term that you use as the recipient's address in your mail
client, and at 'External Address' the true address, with which your local term is overwritten before OmniMix forwards your
message. The name part outside the angle brackets isn't altered by OmniMix.
Caution: Never use potential real-world mail addresses as local OrMail alias addresses, as for security reasons even mail
messages that match a deactivated list entry are blocked.
After closing that window check the activation box above the OrMail Recipients list.
Finally, back at the 'User' tab, activate that OrMail address at the 'OrMail Recipients' list for your account as shown in
the picture above to make it available. Keep in mind that if OmniMix recognizes an OrMail recipient term which isn't
unlocked for the respective user, the transmission of that message is aborted to prevent the leakage of information. I urge
you to send your first test message to check its routing with OmniMix in Simulation mode. That's the way to avoid unpleasant
results!
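The routing rules described for the sender (alias rewriting, deactivated entries still blocking, per-user unlocking) and the receiver (per-user 'To:' regex patterns) can be summarised as a small decision function. This is an added illustration of those rules, not OmniMix's own code; the data structure, the address values and the "first matching user wins" order on the receiving side are assumptions.

```python
import re
from dataclasses import dataclass
from email.utils import formataddr, parseaddr
from typing import Dict, List, Optional, Set, Tuple

@dataclass
class OrMailRecipient:
    """One entry of the sender-side OrMail Recipients list (fields as named on the page)."""
    local_address: str      # alias typed into the mail client; never a real-world address
    external_address: str   # true address substituted before forwarding
    hs_address: str         # recipient's .onion address
    port: int               # external port of the recipient's Hidden Service
    hashcash_bits: int      # 0 = no token demanded
    active: bool = True     # the activation box above the list

def route_outgoing(to_header: str, recipients: List[OrMailRecipient],
                   unlocked_for_user: Set[str]) -> Tuple[str, str]:
    """Classify one 'To:' header as ('normal' | 'blocked' | 'ormail', detail)."""
    name, addr = parseaddr(to_header)
    hits = [r for r in recipients if r.local_address.lower() == addr.lower()]
    if not hits:
        return "normal", to_header        # no alias involved: ordinary delivery path
    entry = hits[0]
    if not entry.active:                  # deactivated entries block rather than leak
        return "blocked", "alias matches a deactivated OrMail entry"
    if entry.local_address not in unlocked_for_user:
        return "blocked", "recipient not unlocked for this user"
    # only the angle-bracket part is rewritten; the display name is left untouched
    return "ormail", formataddr((name, entry.external_address))

def mailbox_for(to_header: str, user_patterns: Dict[str, List[str]]) -> Optional[str]:
    """Receiving side: the first user whose active 'OrMail Addresses' regex matches the 'To:' address."""
    _, addr = parseaddr(to_header)
    for user, patterns in user_patterns.items():
        if any(re.search(pattern, addr) for pattern in patterns):
            return user
    return None
```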