OnionMail is an anonymous, encrypted mail server made to run on TOR network without losing the ability to communicate with the Internet. All OnionMail servers are configured as TOR hidden services and use SSL (via STARTTLS). To use OnionMail all you need is an email client connected to the TOR network – Example: Claws-Mail or Thunderbird. All OnionMail servers are connected in a ‘federated network’. All ‘federated servers’ can connect to the Internet via exit/enter servers to forward messages between networks while OnionMail forwards messages between TOR and the Internet in a transparent manner.
Thanks to the TOR network nobody can know:
- Who are you.
- With whom you are communicating.
- If you are communicating.
- What are you reading or writing.
- Where are you.
- Where is the server.
- What you are doing.
List of some OnionMail’s functions:
- Multiple instances of server. (multiple indipendent hidden services).
- Native PGP integration for subscriprion and server`s message.
- Subscription via PGP encrypted email.
- VMAT Protocol (can use normal mail address without .onion).
- SSL cryptography by default. (STARTTLS 2048 bits)
- Multiple encryption everywhere, RSA + AES + RSA + AES with salt.
- Support unicode password (UTF-8 password and 2048 bits keyfiles).
- Inhibition of store any message in relay server.
(Only direct connection is allowed without multiple connections). - Metadata protection. NSA or GCHQ can’t read your metadata.
- SMTP Compatibility.
- Internet normal email compatibility.
- AntiSpam, blacklist and realtime filters.
- Decentralized trust system for SSL certificate and public keys and exit list.
- Native mailing list support.
- Garbage collector to remove automatically old messages.
- Clock and time zone spoofing.
- Server services and operations:
Add / Remove mail address or mail server in blacklist.
Mailing list Subscribe / Unsubscribe.
Request of server “rulez”. (Server help).
(All via mail message to the server directly “server@ xyz… .onion “) - JAVA Implementation for all platform.
- Localhost control port and server API.
- Protected server password and keys not saved on the server.
- IP BlackList
- Onion BlackList
- RSA Server and Tor connection authentication.
- Connections via Tor Network.
- Enter/Exit server to connect Tor to Internet and viceversa.
- Statistics in csv format.
- Strong cryptography (RSA 2048 bits, AES 256 + AES 256 + AES 256 x 7).
- Password key derivation via multiple keyfiles and passwords.
- Deleting files with wipe by default.
- Message headers filtering to hide informations and sigint.
- POP3 TLS Access.
- SMTP TLS Access.
- User’s parameters.
- Exit node selection to connect to internet.
- M.A.T. Protocol to connect correctly Internet, Tor, email and OnionMail.
- Server identification request via email to obtain the ssl certificate fingerprint.
- Self headers rebound to verifiy the client’s mail headers and OnionMail filtering.
- AntiSpam system.
- Web HTTP interface.
- PGP version spoofing.
- Unlimited aliases.
- OnionMail server directory.
- Server configuration wizard.
- User subscription wizard (on TAILS).
- Mail applications interface.
- Mailing list support.
- Hidden mailing list support.
- Text CAPTCHA subscritpion.
- Server’s PGP Keys.
- Editable rulez files.
- Web dynamic pages via OnionMail’s ETEX system.
- Web SVG counter.
- M.A.T. Protocol.
- V.M.A.T. Protocol.
- Autodestruction certificates KCTL.
- Mail queue (only exit server).
- Multi delivery (TOR and Internet addresses).
- TKIM server authentication.
- Mail address authentication.
- Sender verify via SMTP test.
- Remote passphrase server.
- Remote start/stop and controlPort.
- Remote DNS_MX query via exit/enter node.
- F(X) remote keys function (BOOT/PUSH/DERK).
- And much more…
Leave a Reply