Could you please explain a little on what this entails? I donât like blank posts with just a link.
It means that there are no costs involved nor setting up a Domain or VPS, postfix and no POP3/IMAP third party servers are needed. You also donât have to sign-up with third party privacy email providers.
Hmm⌠Still feels weird.. Not enough info..
Iâll stick with Disroot.
So, you have not read the tutorial? Disroot is centralized and does not give you the flexibility you have with Tor and native Tor applications, which you can run on your own with family and friends. Plus with Disroot you have to sign-up with a service which is largely unknown and the operators are not publicity known. It is always the best for Tor users to take privacy and anonymity in their own hands, instead of third parties.
No, I havenât. As I said, I donât like blank posts with a bare link. I didnât click.
Whether or not itâs something others here are interested in, itâs for them to decide. Have a nice day.
here is my comment, I am always interested to be independent from clearnet (from data centers which are also corporations). I think your offer can be used only by programmer experts and not by ordinary people.
-
first problem, your tutorial is in windows and not in linux, exe files and similar.
can we use smtpdump and minimailer in linux debian for example? -
mini mailer config file is not problem, but template is complicated for ordinary people, I suppose admin must write template for family accounts and they should write only their username every time they send email message?
I visited mini mailer github but it is not clear to me if admin write template/config file one time, after that how end users - family accounts - use mini mailer? should they also install something on their laptop to send emails from my onion domain? do they get any graphical interface to send and receive email messages or it must be textual in terminal? -
canât you add some PHP script for administering email accounts from GUI panel? it is not the end of the world to use php in debian in laptop. so, this system with mini mailer donât keep messages, we can read it only one time while laptop is working or smtdump keep messages?
-
step 6 is problematic. as long as we donât shut down computer/laptop.
- so, all accounts must have installed mini-mailer in laptop to get messages and they must keep open terminal or mini-mailer to get messages and they loose messages if they restart laptop?
- does mini mailer has some notification that new message arrived? it is easy to programm mini mailer to pop up message when new message arrive or to show some notification.
I use at command and kdialog --msgbox âIn one hour is concert, prepare yourselfâ, if mini mailer trigger kdialog, message can be:
kdialog --msgbox âYou got new email message, plese check mini mailerâ
- you should explain to the people what is Nym, I thought it is Nym remailers, servers administrated by different people who forward messages anonymously, ordinary people donât know anything about Nym network and anonymous remailer which i saw before many years but never used because forwarding messages through many servers means i must wait several days for delivery of message and I donât have any proof that message arrived at recipient. I think most Nym remailers are dead project. nobody use it.
this Nym Mixnet you use is even not through servers of individuals than Nym is swiss based company and all legal registered companies must respect the law and collaborate with cops or secret service. this company has 77 servers in the USA which realize mass espionage (NSA), they also sell VPN for crazy 13 dollars per month.
I hope mini mailer is not using Nym servers to forward message through Tor.
- Raspberry Pi and Pluto can be used only by electronic and programmers experts, ordinary people can not use it. I never understood anything about raspberry pi and I think Pluto is too much complicated.
I can conclude it is easier to stick with traditional VPS and email server with squirrelmail hidden behind tor servers so called dark web email services which are not legal companies and they donât need to collaborate with cops and spies. dark web emails gives are better privacy than Nym company. I donât know so much about mini mailer to decide if it gives us better privacy than dark web email services.
Thank you for your constructive reply.
Mini Mailer is available for Linux as well.
Because Mini Mailer is an smtp client only and not a fully
fledged MUA it works with config files and templates.
The config files can be used for the Tor Network only or if you like with the Nym Mixnet, it is your choice.
Templates are used to not write the required email headers, every time you use Mini Mailer and in them you simply put the To: email address in it, from people you like to communicate with.
Mini Mailer does not need to stay online, it is only the receiving own server part program smtpdump. Thatâs why I suggested using a Raspberry Pi, because they are cheap and ideally suited for Tor Hidden Services, which run 24/7.
Due to the nature of this privacy set-up, not relying on third party servers, who stores your emails, it works that way. I do not know a better way for privacy/anonymity communications, without third parties involved, but I am all ears.
Added Paragraph 8. covering the new oget for smtpdump and smtpdump+
an old dream: it is one of the reasons that pushed many users towards linux.
quid : how-to for linux ? (do i follow your how-to for windows and apply it on my linux as it _ without garantee)
_ i mean , a real how-to for noob, step by step explained ( i do not want break my o.s _ i am not a tester) ,
_ how are the communications protected from intrusion?
_ is it a proof of concept ?
hi,
itâs exactly what I wanted.
if I followed your tutorial well, I couldnât manage to get a result on âmy presence on the internetâ.
I do not wish to comment on the arguments of the two previous threads: we will get angry and itâs useless.
what happens in case of tor update?
should I therefore reconfigure everything?
using a rasperry is not complicated or expensive but it sounds too much like an unreliable solution, like tinkering: a pre-conceived idea?
in any case, this technical/ingenious innovation pleases me, maybe we will have the pleasure of seeing it included in our distributions soon in the form of options to tor?
hence the following question:
are you affiliated, linked to the tor project?
it would be a guarantee and likely follow-up: a plus
I couldnât get a result by typing the address indicated on the tutorial.
Hi, while the tutorial is written for Windows users, the same applies for Linux, as the programs have all the same parameters or user interface. Simply try it out and when you get stuck I try to do my best to help you.
Regarding intrusion. It depends if people can get access to your inbox, when using only the smtp protocol, which I doubt. But I am all ears. As for a proof-of-concept, well it works at is it should and one can improve the system.
When tor updates happen, you onion addresses will stay the same. You only need a Raspberry Pi if you like to run your service 24/7 or maybe a cheap VPS. I am not affiliated with the torproject.org, sorry. The addresses listed are only demo onion email addresses. The pluto server address in the GitHub repo should work, but only when you use ORBs, to send to a smtpdump(+) server. It retries ten times.
Hello,
I thank you for your response and follow-up, which proves the seriousness of the approach.
Disclaimer: I need, so that there is no discomfort with the chosen words, to use a translator: please excuse me for the imprecision and brutality that could result.
It goes without saying that unaffiliated by tor project and without audit and opinions of other users, the place of this mini-how-to is more to be presented during mozilla/tor/chaos club events that open their âmanifestsâ to everyone (even bsd or debian does it between others) : to my knowledge, there is no need to go to Las Vegas or Colombia to find a warm welcome and ad-hoc support.
Every year, tens and hundreds of âprojectsâ are presented here or elsewhere, some are the work of provocateurs, kiddies, people who seek windfall, other encores who bring nothing except the desire to make themselves known by using sterile or harmful/toxic means (brave is an example, I can cite others), few projects have real potential and when they do, they are quickly noticed and supported. People who donât work with a hat know what they have to do: letâs trust them.
As far as Iâm concerned, out of habit and experience, I donât take projects that have neither reference nor guarantees: I admit however that your work is indeed in the old and new underground line we need.
As long as Tor (since you publish on their official forum) or my distribution has not integrated it _ they are even more suspicious and intransigent than me _ I would not endorse any link with this kind of thing: it would be counterproductive and engage other users in a deadlock.
With all my apologies in advance.
âexplanations of a commonly used expression.â
For the expression "People who donât work with a hat " in the sense of ânot knowing what one is talking about,â suitable translations in English could include:
- âTalking out of oneâs hatâ: This idiom conveys the idea of speaking without knowledge or understanding.
- âIn over oneâs headâ: This suggests being involved in something beyond oneâs understanding or expertise.
- âCluelessâ: This indicates a complete lack of understanding or knowledge about a subject.
Regarding the presentation of an untested or unaudited project related to IT, privacy, confidentiality, or anonymity, the following expressions would be appropriate:
- âUntestedâ: Indicates that the project has not been tried or validated.
- âUnverifiedâ: Highlights the absence of validation or audit.
- âExperimentalâ: Suggests that the project is still in the testing phase and not fully implemented.
- âPrototypicalâ: Indicates that it is a preliminary version that is not yet finalized.
- âNon-compliantâ: Used if the project does not adhere to certain privacy or security standards.
- âAt riskâ: Emphasizes the potential dangers associated with the lack of audit or testing.
These expressions effectively convey the uncertainties and risks associated with such projects.
Are you aware how much (a lot) money a professional audit costs? Maybe you should ask the Tor developers how many professional audits they had and what it had cost them, to get a better overview. My projects are available publicity on GitHub and therefore open for peer review, by the interested audience.
You are speaking like a poor samurai who cannot buy himself a sword but would really like to have the honor of joining his own.
There are rules, you have to follow them.
The solutions as suggested and known are those of presenting your work at events, there you will see the supports reveal themselves: now if you believe that gitHub is the best way to do it or the most visible platform; so much the better for you and my best wishes for success.
Another solution is to participate in TV shows to find financiers: where I live, itâs common and it works.
There are also many companies/ businesses that recruit and seek talent: it is up to you to make yourself known, convince and sell yourself.
Unless you would prefer that your work for free be taken over and integrated, refined, completed by others: open-source licenses allow it.
In any case, it takes time.
For the record: âCash onlyâ - âNo creditâ - âPay up frontâ - âNo free ridesâ - these are expressions that summarize well the difficulty in getting respect ⌠and the content of oneâs responsibilities.
I guess you never worked in that field, otherwise you would not speak like this. If you donât trust tor, one component of my set-up, it is up to you. I told you I will help if you get stuck. You have to look for people you can trust and let them do a peer review for you. This is not my job. BTW. nobody is forced to use my tutorial.
@pollux Your windows binary is detected as malware:
smtpdump-windows-amd64.exe â virustotal.com
Go programs compiled for Windows 64bit are often flagged as virus, but as you can see the majority of AV programs there do not show those false positives. I could update to source code with a manifest, like in oget and than it would be not flagged by Microsoft.