Re: [Tails-dev] OnionMail.info (tor anonymous mail) in TAILS…

Author: OnionMail
Date:  
To: The Tails public development discussion list
CC: anopticon
Subject: Re: [Tails-dev] OnionMail.info (tor anonymous mail) in TAILS?
We are writing and translating the documentation of the protocol...
(This is a work in progress...)

(I am attaching the "rulez" help file to this mail).

Sorry for the very long reply!

OnionMail uses the standard SMTP and POP3 protocols.
OnionMail is an SMTP/POP3 mail server compatible with all mail clients.

Main information to know about OnionMail:
Storing any message on a relay server is inhibited.
Only a direct connection is allowed, without multiple connections.
Mail messages are saved only on the recipient's server and encrypted
with multiple asymmetric keys.

All messages are saved in an encrypted format:
7 AES-256 keys + 2 RSA-2048 keys + salt, plus 1 AES-256 key + salt for
each message line.

There is an RSA-2048 asymmetric key for each inbox.
The RSA keys are encrypted with the user's password.
There are two user passwords:
SMTP send password (decrypted via hash of 7 AES-256 + RSA-2048 user inbox,
to write).
POP3 read password (decrypted via hash of 7 AES-256 + RSA-2048 inbox, to read).
The public key stores the message into the inbox.
The private key reads the messages.

An attacker can't read your message with the server key.
All data is stored via a hash algorithm.
An attacker can't read metadata with the server key.

All files are named with alphanumeric hash names.
An attacker can't associate a single file with any user.

The server's master key can't be used to decrypt the users' accounts and
read the messages (without the username and all passwords).

All servers are forced to use SSL (in the Tor network).

The server's master key is not on the server.
When an OnionMail server starts, it does the "boot" process:
The server negotiates a function F(X) with another server (for each server).
All F(X) have a counter (OTP counter) controlled by the KCTL
autodestruction certificate.
The administrator of an OnionMail server can enable or disable the key
without connecting to the server.
The server's master key is calculated via some F(X) and server random data.
The F(X) can't be used to get the server's master key.
The server doesn't know the F(X).

Example:
The server is stolen or seized.
The administrator sends the KCTL certificate for autodestruction, all
F(X) are destroyed and the server becomes unusable.

All connections between user and server go via the Tor network using STARTTLS.
The server uses POP3 to force the user to read and delete the messages
from the server. Unread messages are deleted after 60 days.

All files are deleted by wiping.

The server natively supports mailing lists (the temp files are encrypted
via an AES-256 key + 1 key + salt for each message line).

There are some exit/entry servers:
these servers connect the internet to Tor and Tor to the internet.
There is a protocol named VMAT to use a normal mail address (without the
16-character onion address).

There are some extended functions accessible via the server's bot:
Server's help.
User configurations.
Personal SPAM list (to block spam messages).
VMAT Address verification.
USER SUBSCRIBE.
Mailing list.
VMAT address configuration.
Etc...

The server can use GPG messages to communicate with the users.
For example, you can create a mailing list by sending the server an
encrypted message. Then you receive an encrypted message (use the MYKEY
command first).

All OnionMail servers are federated and servers check each other.
When the SSL engine checks the certificates:
Check hash.
Check public key (full data).
Check date & time.
In the future we will implement the check via other servers.

The sender is verified via TKIM (similar to DKIM but used in the Tor
network), by reading the MX record (via an exit node, not directly or via
the federation server list), and by SMTP session simulation (mail
from... rcpt to... rset...).
The VMAT address is verified by RSA signature, via the TORM VMAT LOOKUP SMTP
extension.

The administrator of an OnionMail server can't read your messages and
can't know who the users on the server are.
The administrator can create a voucher code to use for user subscription.
(In this way the administrator can know the user's identity).

onion.py
This script is a wizard to register a new OnionMail account.
It configures quickly and simply:
Choose the hidden service.
Create a new OnionMail user.
Activate a new VMAT address (to use without the 16 characters).
Create a new GPG key pair up to 16384 bits.
Configure Claws-Mail (account, SSL, inbox).
It simply extracts a skel file into the claws-mail directory (if it does
not exist) and adds an inbox. Then it configures the account (accountrc
file) and the SSL certificates of the OnionMail server (certs directory).
The user is registered via the RQUS extension of POP3 (OnionMail's
extension to use the subscription method via tablet, smartphone and PC).
The script shows a captcha code in ASCII art.

There are some extensions of the SMTP protocol used only by OnionMail:
TORM and TKIM.
TKIM is an extension that implements a server authentication like DKIM.
TORM is the main OnionMail extension. Here I list only some of the
descriptions:
TORM PUSH           Negotiate an F(X).
TORM DERK           Calculate an F(X).
TORM VMAT LOOKUP    Verify a VMAT address.
TORM IAM            I'AM (used by the OnionMail manifest and federation list).
TORM WHO            Used to verify another SSL certificate.
TORM VMAT TO        Used to send a message to a VMAT user alias.
TORM K              Get the RSA public key of this server.
TORM MX             Query the DNS MX record (exit server only).

On 12/06/2014 12:40, William Waites wrote:
> Hi Anopticon,
>
> I've looked a little bit at OnionMail -- I'm also interested in the
> general problem. But I have difficulty understanding exactly how it
> works. From an end-user perspective it is reasonably clear but the
> operation of the server software doesn't seem to be very well
> explained. For my part (I have nothing to do with the Tails project
> other than as a user) I wouldn't be comfortable using it or
> recommending it without properly understanding what it does. Do you
> have anything that is more like protocol documentation that describes
> exactly what the servers do and how they communicate amongst each other?
> My apologies if it is there and I simply haven't been able to find it.
>
> Best,
> -w
>
>
> _______________________________________________
> Tails-dev mailing list
> Tails-dev@???
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to Tails-dev-unsubscribe@???.



                                <Onion Mail's Guide>


[1.0] What's Onion Mail
[1.1] Why should I use Onion Mail?
[2.0] Sending emails
[2.1] Special addresses
[3.0] Communicating with the server
[3.1] Spam list
[4.0] Dealing with unwanted messages with X-Notice headers

----------------------------------------------------------------------------

[1.0] What's Onion Mail:

Onion Mail is a mail server that uses the Tor network, guaranteeing
higher privacy and anonymity of data sent and stored.
The service comprises an SMTP mail server for the sending of messages and
a POP3 server for their reception.

----------------------------------------------------------------------------

[1.1] Why should I use Onion Mail?

To start with, because it allows you to have the same level of privacy,
anonymity and security granted by the Tor network while using mail
services. This program prevents unauthorized access to data and metadata
from most of the "rogue states'" interception systems.

----------------------------------------------------------------------------

[2.0] Sending emails

(1) Mail messages are saved only in the recipient's server and encrypted
with multiple asymmetric keys.

(2) Using PGP/GPG is encouraged, in some servers or mailing lists its
use could even be compulsory.

(3) Messages, either read or not, are deleted automatically from the
server after a few days of their reception.

(4) An address that's not used to read messages, that's not in use
anymore or that has been signaled as a spammer, can be deleted.

(5) Messages passing from server to server are sent during the same session.

(6) Only mailing lists' messages can be temporarily saved while they are
being sent. Later, they are deleted.

(7) Some addresses are reserved and cannot be assigned to users. (See
section 2.1).

(8) You can, at any moment, ask the server to execute operations by
contacting it through messages. (See section 3.0).

(9) You can signal an address, or a whole onion, as spam. This will make
it impossible to receive any messages from the sender signaled as spam.
After a certain amount of notifications, the malicious sender server's
SysOp will be warned.

(10) Making too many notifications freely, wrong accesses and/or
jeopardizing attempts imply being signaled as spam.
Therefore, notifications are to be used with caution.

----------------------------------------------------------------------------

[2.1] Special addresses:

These addresses have special functions and cannot be assigned to users.

This list shows the addresses' general scheme, independent of a specific
server. The symbol '*' is used to express any word.

sysop@      Server administrator
server@     A bot used to communicate operations to the server (See section 3.0)
*.onion@    Entry/exit node
*.list@     Mailing list addresses
*.sys@      System addresses
*.op@       SysOps (can be created only through the CLI)
*.app@      Applications' addresses

A SysOp can reserve other addresses for special purposes.

----------------------------------------------------------------------------

[3.0] Communicating with the server

To communicate with the server it's sufficient to send a message to
server@<xyz>.onion (Where <xyz> is identical to your address after "@").
Commands are specified in the messages' subject. On occasion, long
parameters could be needed (e.g., a Public key). If that's the case, the
command will still be in the message's subject, but files and other
parameters are to be put in the message's body.

In any case, a "Thanks" string in the message's body is always appreciated.

List of the main commands:

ADD SPAM:<email>
Adds an email address to your spam list.
Adding a star (*) before the @ will include the whole source server in
the notification.

SPAM LIST
Shows your spam list.

DEL SPAM:<number>
Removes an address from your spam list.
(See section 3.1 for details)

RULEZ
Sends you a message with the server's rules.

IDENT
Sends you info about the server and about SSL certificates.

REBOUND HEADERS
Re-sends you the headers the way they were received.

EXIT LIST
Sends you the list of the mail entry/exit nodes.

EXIT SET <domain>
Sets the default entry/exit server.

LIST <list address> RULEZ
Sends you the file with the mailing list's information.

LIST <list address> SUBSCRIBE
Subscribes you to the mailing list.

LIST <list address> UNSUBSCRIBE
Removes you from the mailing list.

Errors while sending the message will cause error 500 to be displayed
and the message won't be received by the server.

----------------------------------------------------------------------------

[3.1] Spam List

These operations are performed through server communication (See section
3.0).

The spam list can be obtained by sending a message with "SPAM LIST" as
subject to your own server's bot.

The list will comprise all the addresses (one per line) with a number
next to them.

Example spam list:

1 <super@???>
2 <spam_for_you@???>
3 <*.@spamcorporation.onion>

To remove an address, send a message to the server with "DEL
SPAM:<number>" as subject, where <number> is the number on the left in
the list.

Attention: after this operation you'll have to issue the command "SPAM
LIST" again to obtain the correct new numbers.

The symbol '*' put before the @ symbol in the address indicates that the
whole server is in the spam list. (e.g., The 3rd line blocks all
messages coming from spamcorporation.com.onion)

Wildcards cannot be used. Hence, notifications like this:
<*.fuffa@???> are not valid.

Spam notifications have immediate effect.

If for some reason your address has been signaled as spam, you could
receive an error message while trying to send an email to the address
that blocked you.

The error message is usually:
500 FUCK YOU SPAMMER

If this is the case, the best option is to ask the recipient server's
SysOp to remove the notification.

If while trying to reach the SysOp the same error is displayed, it means
you have been banned from the whole server and you won't be able to
communicate anymore with anyone having the same string after the @
character.

----------------------------------------------------------------------------

[4.0] Dealing with unwanted messages with X-Notice headers

In the eventuality of unwanted messages with X-Notice headers, contact
the SysOp immediately.

You can always contact him at these addresses:
Within the Internet: you can find the address in the X-Notice header. It
usually is in the form sysop.xyz.onion@??? where xyz.onion is the
OnionMail server and dominio.ltd is an internet address of the entry node.
Within Tor:
sysop@???

OWNERS AND/OR ADMINISTRATORS OF THE ENTRY/EXIT NODE CANNOT BE HELD
RESPONSIBLE FOR ROUTING AND FOR THE MESSAGES BEING SENT. THIS IS BECAUSE
THE USER CAN SELECT MULTIPLE EXIT NODES AND HENCE CHANGE THE ADDRESS
AFTER THE "@" CHARACTER WITHOUT THE EXIT NODE'S SYSOP KNOWING.

Therefore, it's better to warn the .onion server's administrator with a
simple email.
You can also ask the node's administrator to be put in the exit policy.
This way, the node won't be able to send or receive messages from your
server or address.
----------------------------------------------------------------------------
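As an added example that is not part of the mail above or of OnionMail's own code, a small Python helper for the spam-list operations described in sections 3.0 and 3.1 of the guide: it parses a constructed "SPAM LIST" reply in the "<number> <address>" form, builds the ADD SPAM and DEL SPAM subjects, rejects the wildcard forms the guide says are not valid, and enforces the caveat that list numbers are only valid until the next deletion. The sample addresses and the class and function names are assumptions.

```python
import re

# Constructed sample of a "SPAM LIST" reply, in the "<number> <address>" form
# shown in section 3.1 (the server names are made up for this example).
SAMPLE_SPAM_LIST = """\
1 <super@example.onion>
2 <spam_for_you@other.onion>
3 <*.@spamcorporation.onion>
"""

ENTRY_RE = re.compile(r"^\s*(\d+)\s+<([^>]+)>\s*$")


def parse_spam_list(text):
    """Parse a SPAM LIST reply into {number: (local_part, server, whole_server)}."""
    entries = {}
    for line in text.splitlines():
        m = ENTRY_RE.match(line)
        if not m:
            continue                      # skip blank or unrelated lines
        number, addr = int(m.group(1)), m.group(2)
        local, _, server = addr.rpartition("@")
        # a '*' before the '@' means the whole server is blocked (the list
        # prints it as "*."), anything else is a single address
        whole_server = local in ("*", "*.")
        entries[number] = (local, server, whole_server)
    return entries


def add_spam_subject(address):
    """Build the 'ADD SPAM:<email>' subject, rejecting wildcards the server does not accept."""
    local, at, server = address.rpartition("@")
    if not at or not local or not server:
        raise ValueError("not an address: %r" % address)
    if "*" in local and local != "*":
        # e.g. '*.fuffa@host' is not valid; only a bare '*' before '@' is allowed
        raise ValueError("only '*@server' is accepted as a wildcard: %r" % address)
    return "ADD SPAM:" + address


class SpamListSession:
    """Tracks the numbering of the last fetched list; numbers shift after a DEL SPAM."""

    def __init__(self):
        self.entries = None

    def load(self, reply_text):
        self.entries = parse_spam_list(reply_text)
        return self.entries

    def delete_subject(self, number):
        if self.entries is None:
            raise RuntimeError("send 'SPAM LIST' first; numbers are only valid for the last reply")
        if number not in self.entries:
            raise KeyError(number)
        self.entries = None   # remaining entries get new numbers: re-fetch before the next DEL
        return "DEL SPAM:%d" % number
```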