masking vs authentication

<sb709m$osv$1@news.mixmin.net>

Newsgroups: alt.privacy.anon-server
 by: Gabx - Sat, 26 Jun 2021 10:42 UTC

In view of anonymous remailers I would like to understand and hear other
people’s views on server-to-server and server-to-client authentication.
I would like to understand which is more worthwhile: masking the source host,
using Tor hidden services for example, or pushing the accelerator on
authentication and verification of hostnames with technologies such as
DNSSEC, SPF, DKIM, DMARC, MTA-STS.
I'd like to understand also what YAMN does about masking origins of
connections, if it does.

Hope I was clear enough.
Kind regards

Gabx

Re: masking vs authentication

<e64f52f3-ff00-45bb-b767-0f0f45b9081fn@googlegroups.com>

 by: Stefan Claas - Sat, 26 Jun 2021 15:57 UTC

On Saturday, June 26, 2021 at 12:41:59 PM UTC+2, Gabx wrote:
> In view of anonymous remailers I would like to understand and hear other
> people’s views on server-to-server and server-to-client authentication.
> I would like to understand what is best worth masking the source host,
> using tor hidden services for example or pushing the accelerator on
> authentication and verification of hostnames with technologies such as
> dnssec, spf, dkim, dmarc, mta-sts.
> I'd like to understand also what yamn does about masking origins of
> connections if it does.
>
> Hope i was clear enough

Hi,

It was requested years ago by some users or remops to set up Tor Hidden Services
for MTAs, but never done with Mixmaster or YAMN. There are instructions
available to do so, but then exits would still be available via clearnet.

The other things like SPF etc. you can set up with Postfix.

Regarding your last question, you can set up a YAMN client with Tor, socat and
also fetch stats via Tor (without YAMN). I described this long ago and it is also
mentioned in sec3's YAMN tutorials.

Regards
Stefan

Re: masking vs authentication

<sb7pqc$8ab$1@tncsrv09.home.tnetconsulting.net>

 by: Grant Taylor - Sat, 26 Jun 2021 17:56 UTC

On 6/26/21 4:42 AM, Gabx wrote:
> In view of anonymous remailers I would like to understand and hear
> other people’s views on server-to-server and server-to-client
> authentication.

I would think that using TLS and name verification would cover most of
this. Especially if the receiving system's domain published CAA records
listing which registrar(s) were authorized to issue certificates for
said domain. Kudos for DNSSEC protecting said CAA record(s).

Obviously, the client will need to /properly/ validate things. This in
and of itself seems to be a common Achilles heel for the web.

> I would like to understand what is best worth masking the source host,
> using tor hidden services for example...

I don't know how much value there is in masking remailer to remailer
traffic. I guess if there is enough, then the community would support it.

> ...pushing the accelerator on authentication and verification of
> hostnames with technologies such as dnssec, spf, dkim, dmarc, mta-sts.

I want to ask, shocked and aghast, "Do you mean that there are email
servers that don't do this?!", but I know that there are many. All but
MTA-STS have been a norm and, dare I say, best practice for a decade or
more, in the email server / postmaster community.

> I'd like to understand also what yamn does about masking origins of
> connections if it does.

I may be mistaken, but don't both Yamn and Mixmaster take the body,
which is cyphertext, from inbound messages and discard everything else?
Thus nothing is preserved from the input side to the output side of the
remailer. So, I think that Yamn and Mixmaster do a fairly good job at
masking the origins of messages that they send.

--
Grant. . . .
unix || die

Re: masking vs authentication

<sb7q1o$e7q$1@tncsrv09.home.tnetconsulting.net>

 by: Grant Taylor - Sat, 26 Jun 2021 18:00 UTC

On 6/26/21 9:57 AM, Stefan Claas wrote:
> it was years ago requested by some users or remops to set-up Tor
> Hidden Services for MTAs, but never done with Mixmaster or YAMN. There
> are instructions available to do so, but then exits would be still
> available via clearnet.

Don't many of the Yamn / Mixmaster remailers have Tor Hidden Services?

Though, my understanding is that the THS' are used for the
client-to-remailer connection. I'm not aware of THS' being used for the
remailer-to-remailer connection(s).

I'm fairly confident that the R-to-R use of THS is possible, and I can
even see most of the path to do it. But it seems like an additional
layer of complexity and I don't know how widely adopted it would be. --
I can even see most of how to plumb it into existing servers without
disrupting other services.

--
Grant. . . .
unix || die

Re: masking vs authentication

<bd16954c-4a93-4753-8e43-8b1dad929e9fn@googlegroups.com>

 by: Stefan Claas - Sat, 26 Jun 2021 18:29 UTC

On Saturday, June 26, 2021 at 8:00:47 PM UTC+2, Grant Taylor wrote:
> On 6/26/21 9:57 AM, Stefan Claas wrote:
> > it was years ago requested by some users or remops to set-up Tor
> > Hidden Services for MTAs, but never done with Mixmaster or YAMN. There
> > are instructions available to do so, but then exits would be still
> > available via clearnet.
> Don't many of the Yamn / Mixmaster remailers have Tor Hidden Services?

I am out of the loop regarding this and therefore don't know.

> Though, my understanding is that the THS' are used for the
> client-to-remailer connection. I'm not aware of THS' being used for the
> remailer-to-remailer connection(s).

Not for Remailers (yet) but I have seen configs for MTAs and .onion
email services.

> I'm fairly confident that the R-to-R use of THS is possible, and I can
> even see most of the path to do it. But it seems like an additional
> layer of complexity and I don't know how widely adopted it would be. --
> I can even see most of how to plumb it into existing servers without
> disrupting other services.

Yes, it is an additional step but for me the remops scene is pretty dead
and not communicative and therefore it would not happen.

Regards
Stefan

Re: masking vs authentication

<sb8675$cer$1@tncsrv09.home.tnetconsulting.net>

 by: Grant Taylor - Sat, 26 Jun 2021 21:28 UTC

On 6/26/21 12:29 PM, Stefan Claas wrote:
> I am out of the loop, regarding this and therefore don't know.

<ASCII shruggie>

I believe that a handful of remailers have THS .onion addresses.

> Not for Remailers (yet) but I have seen configs for MTAs and .onion
> email services.

Configuring an MTA to support .onion addresses, as in receive email at
them, is only a small part of the problem. You need to configure
sending systems to support .onion addresses. This means that you
need to provide a way for the MTA to get into the Tor network.
Given how MTAs work, the usual methods of getting into the Tor network
won't work as well as desired.

Then there's the fact that remailers and / or their MTAs need to know
that mixmaster@remailer.example can be accessed via a given THS .onion
address and that it should do so via Tor.

I don't believe that any part of it is particularly difficult. It's
just that multiple parts are going to take a little bit of time to
configure, so the entire task is non-trivial. It might not be hard per
se, but it's not a clicky clicky clicky walk through either.

It will also require information that a given remailer address can be
reached via a THS .onion address. Ongoing curation of this information
may be one of the more annoying tasks.

> Yes, it is an additional step but for me the remops scene is pretty dead
> and not communicative and therefore it would not happen.

<ASCII shruggie>

I see traffic here and on the RemOps mailing list. I have no idea how
the volume of traffic over the last couple of years compares with prior
to that.

--
Grant. . . .
unix || die
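
An added example (not part of the post above, and not YAMN or Mixmaster code) of the curated address-to-.onion map that post describes: it validates each v3 .onion entry and picks Tor or clearnet delivery per recipient. The map format, the function names and the SOCKS endpoint are assumptions, and the key is constructed sample data.

```python
import base64
import hashlib

TOR_SOCKS = ("127.0.0.1", 9050)  # assumption: local Tor client on its default SocksPort

def onion_from_pubkey(pubkey: bytes) -> str:
    """Encode a 32-byte service public key as a v3 .onion hostname."""
    version = b"\x03"
    checksum = hashlib.sha3_256(b".onion checksum" + pubkey + version).digest()[:2]
    return base64.b32encode(pubkey + checksum + version).decode().lower() + ".onion"

def is_valid_v3_onion(host: str) -> bool:
    """Check shape, version byte and checksum; catches typos and truncation."""
    label, dot, tld = host.lower().rpartition(".")
    if not dot or tld != "onion" or len(label) != 56:
        return False
    try:
        raw = base64.b32decode(label.upper())
    except ValueError:  # binascii.Error is a ValueError subclass
        return False
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34:]
    expected = hashlib.sha3_256(b".onion checksum" + pubkey + version).digest()[:2]
    return version == b"\x03" and checksum == expected

def next_hop(recipient: str, onion_map: dict) -> dict:
    """Pick the route for one remailer address from the curated map."""
    key = recipient.strip().lower()
    onion = onion_map.get(key)
    if onion is None:
        # No hidden service known: ordinary SMTP to the domain's MX, with verified TLS.
        return {"via": "clearnet", "host": key.rpartition("@")[2], "verify_tls": True}
    if not is_valid_v3_onion(onion):
        # Fail closed: a damaged entry must not silently fall back to clearnet.
        raise ValueError(f"bad .onion entry for {key}: {onion!r}")
    return {"via": "tor", "host": onion, "socks": TOR_SOCKS}

# Constructed sample data: the key is not a real service key.
SAMPLE_ONION = onion_from_pubkey(bytes(range(32)))
ONION_MAP = {"mixmaster@remailer.example": SAMPLE_ONION}

if __name__ == "__main__":
    for rcpt in ("mixmaster@remailer.example", "mix@other.example"):
        print(rcpt, "->", next_hop(rcpt, ONION_MAP))
```

Raising on a damaged entry instead of falling back keeps a stale map from sending remailer-to-remailer traffic over clearnet unnoticed.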

Re: masking vs authentication

<sb9vun$706$1@news.mixmin.net>

 by: Gabx - Sun, 27 Jun 2021 13:54 UTC

I made this post just to raise a question for public discussion,
I hope an interesting one. I am pleased that ops such as S. Claas and
G. Taylor intervened, so mission accomplished. :)

Grant Taylor wrote:

> I would think that using TLS and name verification would cover most of
> this.

So I would expect to agree on *verified* TLS connections between peers.

>> ...pushing the accelerator on authentication and verification of
>> hostnames with technologies such as dnssec, spf, dkim, dmarc, mta-sts.
>
> I want to ask, shocked and aghast, "Do you mean that there are email
> servers that don't do this?!", but I know that there are many.  All but
> MTA-STS has been a norm and, dare I say, best practice for a decade or
> more, in the email server / postmaster community.

To prevent spoofing, phishing and DNS cache poisoning, making it a default
to join the Mixmaster/YAMN network.

>> I'd like to understand also what yamn does about masking origins of
>> connections if it does.
>

It’s nice to hear you repeat this :)

Regards

Gabx
