[Remops] Remailer Facelift
Jeremy Bentham Admin
jeremyadmin at anemone.mooo.com
Fri Apr 25 12:14:33 BST 2014
SSH tunneling between remailers will be problematic. It will require
each remailer to have login credentials on all other remailers.
Why not instead mandate client certificates on a required TLS/SMTP
link between remailers? We could put together some kind of private CA
signing process for the TLS certificates. I think most of us use
postfix on our remailers - the mechanism for doing this with postfix
is described here:
http://www.postfix.org/TLS_README.html#client_cert_key
On Thu, Apr 24, 2014 at 08:40:34PM -0500, Cypher wrote:
>3. Delivery will be done as it is now by Postfix/Sendmail except the
>connections between SMTP servers will be /encrypted/ using an SSH
>connection. This is a rehash of a concept originally developed by
>Crypto and Matt Ghio in the 1990's. The information on how to do this
>yourself can be obtained from the documentation on port forwarding on
>the SSH man page. We'll also provide documentation on how to easily
>set up SSH connections between remailers. YMMV.
--
Jeremy Bentham Remailer Admin
Key fingerprint = D7DE B0DF E6F9 9256 A070 B841 1942 840B 8743 B6B5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.mixmin.net/pipermail/remops/attachments/20140425/bc30c943/attachment.sig>
More information about the Remops
mailing list