Преглед на файлове

Notes about onion email addresses

Bob Mottram преди 7 години
родител
ревизия
28d044731b
променени са 2 файла, в които са добавени 263 реда и са изтрити 150 реда
  1. 10
    0
      doc/EN/usage_email.org
  2. 253
    150
      website/EN/usage_email.html

+ 10
- 0
doc/EN/usage_email.org Целия файл

@@ -35,6 +35,8 @@ From https://motherboard.vice.com/read/email-encryption-is-broken:
35 35
 #+BEGIN_QUOTE
36 36
 /The researchers also uncovered mass scale attacks of STARTTLS sessions being stripped of their encryption. That attack itself isn't new: internet service providers sometimes do it to monitor users; organizations may use it to keep an eye on employees; or it may come from a malicious actor/
37 37
 #+END_QUOTE
38
+
39
+A way to avoid these pitfalls altogether is to use onion addresses (see the section below) or [[./app_bdsmail.html][I2P addresses]] for email. These are not so convenient because they use long random strings which aren't memorable as addresses, but they do give a strong assurance that whoever recieves the message is the intended recipient and that emails can't be read passively during their transport across the internet.
38 40
 * Add a password to your GPG key
39 41
 If you didn't use existing GPG keys during the Freedombone installation then you'll need to add a password to your newly generated private key. This is highly recommended. Go through the following sequence of commands to ssh into the Freedombone and then change your GPG password.
40 42
 
@@ -219,5 +221,13 @@ ssh username@domainname -p 2222
219 221
 #+END_SRC
220 222
 
221 223
 Select /Administrator controls/ then *Email filtering rules* then *Block/Unblock and email address* or *Block/Unblock email with subject line*. Also see the manpage for *freedombone-ignore*.
224
+* Using onion email addresses
225
+By default this system comes with the ability to send and receive emails using onion addresses as the domain name. On the *user control panel* if you select *Show your email address* then you should find one ending with /dot onion/. You will also see a QR code for that address, which provides a simple way to transfer it to a mobile phone if necessary.
226
+
227
+If you want to give your onion email address to someone else securely then you can use the QR code to transfer it to a phone and copy and paste the address into an encrypted chat app, such as Conversations. Of course they will probably also need to be running Freedombone or some system capable of handling onion email addresses.
228
+
229
+When sending email from an onion address it's not strictly necessary to use GPG/PGP. Tor handles the transport security by itself. You can still use it though if you prefer to have an extra layer of message security. You can also still use onion email addresses even if your ISP blocks the typical email ports (25 and 465).
230
+
231
+If you don't make your onion email address public then it should be fairly resisent to spam, since spammers won't be able to randomly guess onion addresses (there are far too many), whereas it's a lot easier for them to do that with conventional domain names.
222 232
 * Using I2P for email transport
223 233
 For the most paranoid use cases it is also possible to use I2P as an email transport mechanism. This will of course require the people you're communicating with to have a similar setup in place. For details see the [[./app_bdsmail.html][bdsmail app]]. An advantage of this is that it's very unlikely that your email will get blocked. The disadvantage is that few others will be capable of receiving email this way, and it's only really usable via the Mutt email client.

+ 253
- 150
website/EN/usage_email.html Целия файл

@@ -3,26 +3,33 @@
3 3
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
4 4
 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
5 5
 <head>
6
-<title></title>
7
-<!-- 2018-04-12 Thu 13:30 -->
8
-<meta  http-equiv="Content-Type" content="text/html;charset=utf-8" />
9
-<meta  name="generator" content="Org-mode" />
10
-<meta  name="author" content="Bob Mottram" />
11
-<meta  name="description" content="How to use email on Freedombone"
6
+<!-- 2018-04-15 Sun 10:21 -->
7
+<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
8
+<meta name="viewport" content="width=device-width, initial-scale=1" />
9
+<title>&lrm;</title>
10
+<meta name="generator" content="Org mode" />
11
+<meta name="author" content="Bob Mottram" />
12
+<meta name="description" content="How to use email on Freedombone"
12 13
  />
13
-<meta  name="keywords" content="freedombone, email" />
14
+<meta name="keywords" content="freedombone, email" />
14 15
 <style type="text/css">
15 16
  <!--/*--><![CDATA[/*><!--*/
16
-  .title  { text-align: center; }
17
+  .title  { text-align: center;
18
+             margin-bottom: .2em; }
19
+  .subtitle { text-align: center;
20
+              font-size: medium;
21
+              font-weight: bold;
22
+              margin-top:0; }
17 23
   .todo   { font-family: monospace; color: red; }
18
-  .done   { color: green; }
24
+  .done   { font-family: monospace; color: green; }
25
+  .priority { font-family: monospace; color: orange; }
19 26
   .tag    { background-color: #eee; font-family: monospace;
20 27
             padding: 2px; font-size: 80%; font-weight: normal; }
21 28
   .timestamp { color: #bebebe; }
22 29
   .timestamp-kwd { color: #5f9ea0; }
23
-  .right  { margin-left: auto; margin-right: 0px;  text-align: right; }
24
-  .left   { margin-left: 0px;  margin-right: auto; text-align: left; }
25
-  .center { margin-left: auto; margin-right: auto; text-align: center; }
30
+  .org-right  { margin-left: auto; margin-right: 0px;  text-align: right; }
31
+  .org-left   { margin-left: 0px;  margin-right: auto; text-align: left; }
32
+  .org-center { margin-left: auto; margin-right: auto; text-align: center; }
26 33
   .underline { text-decoration: underline; }
27 34
   #postamble p, #preamble p { font-size: 90%; margin: .2em; }
28 35
   p.verse { margin-left: 3%; }
@@ -49,27 +56,111 @@
49 56
     border: 1px solid black;
50 57
   }
51 58
   pre.src:hover:before { display: inline;}
52
-  pre.src-sh:before    { content: 'sh'; }
53
-  pre.src-bash:before  { content: 'sh'; }
59
+  /* Languages per Org manual */
60
+  pre.src-asymptote:before { content: 'Asymptote'; }
61
+  pre.src-awk:before { content: 'Awk'; }
62
+  pre.src-C:before { content: 'C'; }
63
+  /* pre.src-C++ doesn't work in CSS */
64
+  pre.src-clojure:before { content: 'Clojure'; }
65
+  pre.src-css:before { content: 'CSS'; }
66
+  pre.src-D:before { content: 'D'; }
67
+  pre.src-ditaa:before { content: 'ditaa'; }
68
+  pre.src-dot:before { content: 'Graphviz'; }
69
+  pre.src-calc:before { content: 'Emacs Calc'; }
54 70
   pre.src-emacs-lisp:before { content: 'Emacs Lisp'; }
55
-  pre.src-R:before     { content: 'R'; }
56
-  pre.src-perl:before  { content: 'Perl'; }
57
-  pre.src-java:before  { content: 'Java'; }
58
-  pre.src-sql:before   { content: 'SQL'; }
71
+  pre.src-fortran:before { content: 'Fortran'; }
72
+  pre.src-gnuplot:before { content: 'gnuplot'; }
73
+  pre.src-haskell:before { content: 'Haskell'; }
74
+  pre.src-hledger:before { content: 'hledger'; }
75
+  pre.src-java:before { content: 'Java'; }
76
+  pre.src-js:before { content: 'Javascript'; }
77
+  pre.src-latex:before { content: 'LaTeX'; }
78
+  pre.src-ledger:before { content: 'Ledger'; }
79
+  pre.src-lisp:before { content: 'Lisp'; }
80
+  pre.src-lilypond:before { content: 'Lilypond'; }
81
+  pre.src-lua:before { content: 'Lua'; }
82
+  pre.src-matlab:before { content: 'MATLAB'; }
83
+  pre.src-mscgen:before { content: 'Mscgen'; }
84
+  pre.src-ocaml:before { content: 'Objective Caml'; }
85
+  pre.src-octave:before { content: 'Octave'; }
86
+  pre.src-org:before { content: 'Org mode'; }
87
+  pre.src-oz:before { content: 'OZ'; }
88
+  pre.src-plantuml:before { content: 'Plantuml'; }
89
+  pre.src-processing:before { content: 'Processing.js'; }
90
+  pre.src-python:before { content: 'Python'; }
91
+  pre.src-R:before { content: 'R'; }
92
+  pre.src-ruby:before { content: 'Ruby'; }
93
+  pre.src-sass:before { content: 'Sass'; }
94
+  pre.src-scheme:before { content: 'Scheme'; }
95
+  pre.src-screen:before { content: 'Gnu Screen'; }
96
+  pre.src-sed:before { content: 'Sed'; }
97
+  pre.src-sh:before { content: 'shell'; }
98
+  pre.src-sql:before { content: 'SQL'; }
99
+  pre.src-sqlite:before { content: 'SQLite'; }
100
+  /* additional languages in org.el's org-babel-load-languages alist */
101
+  pre.src-forth:before { content: 'Forth'; }
102
+  pre.src-io:before { content: 'IO'; }
103
+  pre.src-J:before { content: 'J'; }
104
+  pre.src-makefile:before { content: 'Makefile'; }
105
+  pre.src-maxima:before { content: 'Maxima'; }
106
+  pre.src-perl:before { content: 'Perl'; }
107
+  pre.src-picolisp:before { content: 'Pico Lisp'; }
108
+  pre.src-scala:before { content: 'Scala'; }
109
+  pre.src-shell:before { content: 'Shell Script'; }
110
+  pre.src-ebnf2ps:before { content: 'ebfn2ps'; }
111
+  /* additional language identifiers per "defun org-babel-execute"
112
+       in ob-*.el */
113
+  pre.src-cpp:before  { content: 'C++'; }
114
+  pre.src-abc:before  { content: 'ABC'; }
115
+  pre.src-coq:before  { content: 'Coq'; }
116
+  pre.src-groovy:before  { content: 'Groovy'; }
117
+  /* additional language identifiers from org-babel-shell-names in
118
+     ob-shell.el: ob-shell is the only babel language using a lambda to put
119
+     the execution function name together. */
120
+  pre.src-bash:before  { content: 'bash'; }
121
+  pre.src-csh:before  { content: 'csh'; }
122
+  pre.src-ash:before  { content: 'ash'; }
123
+  pre.src-dash:before  { content: 'dash'; }
124
+  pre.src-ksh:before  { content: 'ksh'; }
125
+  pre.src-mksh:before  { content: 'mksh'; }
126
+  pre.src-posh:before  { content: 'posh'; }
127
+  /* Additional Emacs modes also supported by the LaTeX listings package */
128
+  pre.src-ada:before { content: 'Ada'; }
129
+  pre.src-asm:before { content: 'Assembler'; }
130
+  pre.src-caml:before { content: 'Caml'; }
131
+  pre.src-delphi:before { content: 'Delphi'; }
132
+  pre.src-html:before { content: 'HTML'; }
133
+  pre.src-idl:before { content: 'IDL'; }
134
+  pre.src-mercury:before { content: 'Mercury'; }
135
+  pre.src-metapost:before { content: 'MetaPost'; }
136
+  pre.src-modula-2:before { content: 'Modula-2'; }
137
+  pre.src-pascal:before { content: 'Pascal'; }
138
+  pre.src-ps:before { content: 'PostScript'; }
139
+  pre.src-prolog:before { content: 'Prolog'; }
140
+  pre.src-simula:before { content: 'Simula'; }
141
+  pre.src-tcl:before { content: 'tcl'; }
142
+  pre.src-tex:before { content: 'TeX'; }
143
+  pre.src-plain-tex:before { content: 'Plain TeX'; }
144
+  pre.src-verilog:before { content: 'Verilog'; }
145
+  pre.src-vhdl:before { content: 'VHDL'; }
146
+  pre.src-xml:before { content: 'XML'; }
147
+  pre.src-nxml:before { content: 'XML'; }
148
+  /* add a generic configuration mode; LaTeX export needs an additional
149
+     (add-to-list 'org-latex-listings-langs '(conf " ")) in .emacs */
150
+  pre.src-conf:before { content: 'Configuration File'; }
59 151
 
60 152
   table { border-collapse:collapse; }
61 153
   caption.t-above { caption-side: top; }
62 154
   caption.t-bottom { caption-side: bottom; }
63 155
   td, th { vertical-align:top;  }
64
-  th.right  { text-align: center;  }
65
-  th.left   { text-align: center;   }
66
-  th.center { text-align: center; }
67
-  td.right  { text-align: right;  }
68
-  td.left   { text-align: left;   }
69
-  td.center { text-align: center; }
156
+  th.org-right  { text-align: center;  }
157
+  th.org-left   { text-align: center;   }
158
+  th.org-center { text-align: center; }
159
+  td.org-right  { text-align: right;  }
160
+  td.org-left   { text-align: left;   }
161
+  td.org-center { text-align: center; }
70 162
   dt { font-weight: bold; }
71
-  .footpara:nth-child(2) { display: inline; }
72
-  .footpara { display: block; }
163
+  .footpara { display: inline; }
73 164
   .footdef  { margin-bottom: 1em; }
74 165
   .figure { padding: 1em; }
75 166
   .figure p { text-align: center; }
@@ -89,6 +180,7 @@
89 180
     { font-size: 10px; font-weight: bold; white-space: nowrap; }
90 181
   .org-info-js_search-highlight
91 182
     { background-color: #ffff00; color: #000000; font-weight: bold; }
183
+  .org-svg { width: 90%; }
92 184
   /*]]>*/-->
93 185
 </style>
94 186
 <link rel="stylesheet" type="text/css" href="freedombone.css" />
@@ -97,7 +189,7 @@
97 189
 @licstart  The following is the entire license notice for the
98 190
 JavaScript code in this tag.
99 191
 
100
-Copyright (C) 2012-2013 Free Software Foundation, Inc.
192
+Copyright (C) 2012-2017 Free Software Foundation, Inc.
101 193
 
102 194
 The JavaScript code in this tag is free software: you can
103 195
 redistribute it and/or modify it under the terms of the GNU
@@ -144,7 +236,6 @@ for the JavaScript code in this tag.
144 236
 <a name="top" id="top"></a>
145 237
 </div>
146 238
 <div id="content">
147
-<h1 class="title"></h1>
148 239
 
149 240
 <div class="figure">
150 241
 <p><img src="images/logo.png" alt="logo.png" width="80%" height="10%" align="center" />
@@ -155,58 +246,58 @@ for the JavaScript code in this tag.
155 246
 
156 247
 
157 248
 <colgroup>
158
-<col  class="left" />
249
+<col  class="org-left" />
159 250
 </colgroup>
160 251
 <tbody>
161 252
 <tr>
162
-<td class="left"><a href="#sec-1">Things to be aware of</a></td>
253
+<td class="org-left"><a href="#orgd5f2e56">Things to be aware of</a></td>
163 254
 </tr>
164 255
 
165 256
 <tr>
166
-<td class="left"><a href="#sec-2">A technical note about email transport security</a></td>
257
+<td class="org-left"><a href="#org48a61cb">A technical note about email transport security</a></td>
167 258
 </tr>
168 259
 
169 260
 <tr>
170
-<td class="left"><a href="#sec-3">Add a password to your GPG key</a></td>
261
+<td class="org-left"><a href="#org1b10215">Add a password to your GPG key</a></td>
171 262
 </tr>
172 263
 
173 264
 <tr>
174
-<td class="left"><a href="#sec-4">Publishing your GPG public key</a></td>
265
+<td class="org-left"><a href="#org1ef897d">Publishing your GPG public key</a></td>
175 266
 </tr>
176 267
 
177 268
 <tr>
178
-<td class="left"><a href="#sec-5">Mutt email client</a></td>
269
+<td class="org-left"><a href="#org8a05b94">Mutt email client</a></td>
179 270
 </tr>
180 271
 
181 272
 <tr>
182
-<td class="left"><a href="#sec-6">Thunderbird/Icedove</a></td>
273
+<td class="org-left"><a href="#org2924dea">Thunderbird/Icedove</a></td>
183 274
 </tr>
184 275
 
185 276
 <tr>
186
-<td class="left"><a href="#sec-7">Android apps</a></td>
277
+<td class="org-left"><a href="#org787310f">Android apps</a></td>
187 278
 </tr>
188 279
 
189 280
 <tr>
190
-<td class="left"><a href="#sec-8">Subscribing to mailing lists</a></td>
281
+<td class="org-left"><a href="#org7d93f5a">Subscribing to mailing lists</a></td>
191 282
 </tr>
192 283
 
193 284
 <tr>
194
-<td class="left"><a href="#sec-9">Adding email addresses to a group/folder</a></td>
285
+<td class="org-left"><a href="#org351d48f">Adding email addresses to a group/folder</a></td>
195 286
 </tr>
196 287
 
197 288
 <tr>
198
-<td class="left"><a href="#sec-10">Ignoring incoming emails</a></td>
289
+<td class="org-left"><a href="#org8827ad0">Ignoring incoming emails</a></td>
199 290
 </tr>
200 291
 
201 292
 <tr>
202
-<td class="left"><a href="#sec-11">Using I2P for email transport</a></td>
293
+<td class="org-left"><a href="#orga30bcb7">Using I2P for email transport</a></td>
203 294
 </tr>
204 295
 </tbody>
205 296
 </table>
206 297
 
207
-<div id="outline-container-sec-1" class="outline-2">
208
-<h2 id="sec-1">Things to be aware of</h2>
209
-<div class="outline-text-2" id="text-1">
298
+<div id="outline-container-orgd5f2e56" class="outline-2">
299
+<h2 id="orgd5f2e56">Things to be aware of</h2>
300
+<div class="outline-text-2" id="text-orgd5f2e56">
210 301
 <p>
211 302
 Even though this system makes it easy to set up an email server, running your own email system is still not easy and this is mainly due to the huge amount of collatoral damage caused by spammers over a long period of time, which in turn is due to the inherent insecurity of email protocols which enabled spam to become a big problem. Email is still very popular though and most internet services require that you have an email address in order to register.
212 303
 </p>
@@ -220,9 +311,9 @@ So if you want to use your own email address hosted on your own system you do ne
220 311
 </p>
221 312
 </div>
222 313
 </div>
223
-<div id="outline-container-sec-2" class="outline-2">
224
-<h2 id="sec-2">A technical note about email transport security</h2>
225
-<div class="outline-text-2" id="text-2">
314
+<div id="outline-container-org48a61cb" class="outline-2">
315
+<h2 id="org48a61cb">A technical note about email transport security</h2>
316
+<div class="outline-text-2" id="text-org48a61cb">
226 317
 <p>
227 318
 Port 465 is used for SMTP and this is supposedly deprecated for secure email. However, using TLS from the start of the communications seems far more secure than starting off with insecure communications and then trying to upgrade it with a command to begin TLS, as happens with STARTTLS. There are <a href="https://www.eff.org/deeplinks/2014/11/starttls-downgrade-attacks">possible attacks against STARTTLS</a> in which the command to begin secure communications is removed or overwritten which could then result in email being transferred in plain text over the internet and be readable by third parties.
228 319
 </p>
@@ -236,23 +327,26 @@ From <a href="https://motherboard.vice.com/read/email-encryption-is-broken">http
236 327
 <i>The researchers also uncovered mass scale attacks of STARTTLS sessions being stripped of their encryption. That attack itself isn't new: internet service providers sometimes do it to monitor users; organizations may use it to keep an eye on employees; or it may come from a malicious actor</i>
237 328
 </p>
238 329
 </blockquote>
330
+
331
+<p>
332
+A way to avoid these pitfalls altogether is to use onion addresses (see the section below) or <a href="./app_bdsmail.html">I2P addresses</a> for email. These are not so convenient because they use long random strings which aren't memorable as addresses, but they do give a strong assurance that whoever recieves the message is the intended recipient and that emails can't be read passively during their transport across the internet.
333
+</p>
239 334
 </div>
240 335
 </div>
241
-<div id="outline-container-sec-3" class="outline-2">
242
-<h2 id="sec-3">Add a password to your GPG key</h2>
243
-<div class="outline-text-2" id="text-3">
336
+<div id="outline-container-org1b10215" class="outline-2">
337
+<h2 id="org1b10215">Add a password to your GPG key</h2>
338
+<div class="outline-text-2" id="text-org1b10215">
244 339
 <p>
245 340
 If you didn't use existing GPG keys during the Freedombone installation then you'll need to add a password to your newly generated private key. This is highly recommended. Go through the following sequence of commands to ssh into the Freedombone and then change your GPG password.
246 341
 </p>
247 342
 
248 343
 <div class="org-src-container">
249
-
250 344
 <pre class="src src-bash">ssh username@domainname -p 2222
251 345
 gpg --edit-key username@domain
252 346
 passwd
253 347
 save
254 348
 quit
255
-exit
349
+<span class="org-keyword">exit</span>
256 350
 </pre>
257 351
 </div>
258 352
 
@@ -262,25 +356,24 @@ Having a password on your GPG key will prevent someone from reading your email <
262 356
 </div>
263 357
 </div>
264 358
 
265
-<div id="outline-container-sec-4" class="outline-2">
266
-<h2 id="sec-4">Publishing your GPG public key</h2>
267
-<div class="outline-text-2" id="text-4">
359
+<div id="outline-container-org1ef897d" class="outline-2">
360
+<h2 id="org1ef897d">Publishing your GPG public key</h2>
361
+<div class="outline-text-2" id="text-org1ef897d">
268 362
 <p>
269 363
 If you havn't already then you should publish your GPG public key so that others can find it.
270 364
 </p>
271 365
 
272 366
 <div class="org-src-container">
273
-
274 367
 <pre class="src src-bash">ssh username@domainname -p 2222
275 368
 gpg --send-keys username@domainname
276
-exit
369
+<span class="org-keyword">exit</span>
277 370
 </pre>
278 371
 </div>
279 372
 </div>
280 373
 </div>
281
-<div id="outline-container-sec-5" class="outline-2">
282
-<h2 id="sec-5">Mutt email client</h2>
283
-<div class="outline-text-2" id="text-5">
374
+<div id="outline-container-org8a05b94" class="outline-2">
375
+<h2 id="org8a05b94">Mutt email client</h2>
376
+<div class="outline-text-2" id="text-org8a05b94">
284 377
 
285 378
 <div class="figure">
286 379
 <p><img src="./images/mutt.jpeg" alt="mutt.jpeg" width="80%" align="center" />
@@ -292,7 +385,6 @@ Mutt is a terminal based email client which comes already installed onto the Fre
292 385
 </p>
293 386
 
294 387
 <div class="org-src-container">
295
-
296 388
 <pre class="src src-bash">ssh username@domainname -p 2222
297 389
 </pre>
298 390
 </div>
@@ -313,124 +405,124 @@ Some useful keys to know are:
313 405
 
314 406
 
315 407
 <colgroup>
316
-<col  class="left" />
408
+<col  class="org-left" />
317 409
 
318
-<col  class="left" />
410
+<col  class="org-left" />
319 411
 </colgroup>
320 412
 <tbody>
321 413
 <tr>
322
-<td class="left">"/"</td>
323
-<td class="left">Search for text within headers</td>
414
+<td class="org-left">"/"</td>
415
+<td class="org-left">Search for text within headers</td>
324 416
 </tr>
325 417
 
326 418
 <tr>
327
-<td class="left">*</td>
328
-<td class="left">Move to the last message</td>
419
+<td class="org-left">*</td>
420
+<td class="org-left">Move to the last message</td>
329 421
 </tr>
330 422
 
331 423
 <tr>
332
-<td class="left">TAB</td>
333
-<td class="left">Move to the next unread message</td>
424
+<td class="org-left">TAB</td>
425
+<td class="org-left">Move to the next unread message</td>
334 426
 </tr>
335 427
 
336 428
 <tr>
337
-<td class="left">d</td>
338
-<td class="left">Delete a message</td>
429
+<td class="org-left">d</td>
430
+<td class="org-left">Delete a message</td>
339 431
 </tr>
340 432
 
341 433
 <tr>
342
-<td class="left">u</td>
343
-<td class="left">Undelete a mail which is pending deletion</td>
434
+<td class="org-left">u</td>
435
+<td class="org-left">Undelete a mail which is pending deletion</td>
344 436
 </tr>
345 437
 
346 438
 <tr>
347
-<td class="left">$</td>
348
-<td class="left">Delete all messages selected and check for new messages</td>
439
+<td class="org-left">$</td>
440
+<td class="org-left">Delete all messages selected and check for new messages</td>
349 441
 </tr>
350 442
 
351 443
 <tr>
352
-<td class="left">a</td>
353
-<td class="left">Add to the address book</td>
444
+<td class="org-left">a</td>
445
+<td class="org-left">Add to the address book</td>
354 446
 </tr>
355 447
 
356 448
 <tr>
357
-<td class="left">m</td>
358
-<td class="left">Send a new mail</td>
449
+<td class="org-left">m</td>
450
+<td class="org-left">Send a new mail</td>
359 451
 </tr>
360 452
 
361 453
 <tr>
362
-<td class="left">ESC-m</td>
363
-<td class="left">Mark all messages as having been read</td>
454
+<td class="org-left">ESC-m</td>
455
+<td class="org-left">Mark all messages as having been read</td>
364 456
 </tr>
365 457
 
366 458
 <tr>
367
-<td class="left">S</td>
368
-<td class="left">Mark a message as spam</td>
459
+<td class="org-left">S</td>
460
+<td class="org-left">Mark a message as spam</td>
369 461
 </tr>
370 462
 
371 463
 <tr>
372
-<td class="left">H</td>
373
-<td class="left">Mark a message as ham</td>
464
+<td class="org-left">H</td>
465
+<td class="org-left">Mark a message as ham</td>
374 466
 </tr>
375 467
 
376 468
 <tr>
377
-<td class="left">CTRL-b</td>
378
-<td class="left">Toggle side bar on/off</td>
469
+<td class="org-left">CTRL-b</td>
470
+<td class="org-left">Toggle side bar on/off</td>
379 471
 </tr>
380 472
 
381 473
 <tr>
382
-<td class="left">CTRL-n</td>
383
-<td class="left">Next mailbox (on side bar)</td>
474
+<td class="org-left">CTRL-n</td>
475
+<td class="org-left">Next mailbox (on side bar)</td>
384 476
 </tr>
385 477
 
386 478
 <tr>
387
-<td class="left">CTRL-p</td>
388
-<td class="left">Previous mailbox (on side bar)</td>
479
+<td class="org-left">CTRL-p</td>
480
+<td class="org-left">Previous mailbox (on side bar)</td>
389 481
 </tr>
390 482
 
391 483
 <tr>
392
-<td class="left">CTRL-o</td>
393
-<td class="left">Open mailbox (on side bar)</td>
484
+<td class="org-left">CTRL-o</td>
485
+<td class="org-left">Open mailbox (on side bar)</td>
394 486
 </tr>
395 487
 
396 488
 <tr>
397
-<td class="left">r</td>
398
-<td class="left">Reply to an email</td>
489
+<td class="org-left">r</td>
490
+<td class="org-left">Reply to an email</td>
399 491
 </tr>
400 492
 
401 493
 <tr>
402
-<td class="left">L</td>
403
-<td class="left">Reply to a mailing list email</td>
494
+<td class="org-left">L</td>
495
+<td class="org-left">Reply to a mailing list email</td>
404 496
 </tr>
405 497
 
406 498
 <tr>
407
-<td class="left">]</td>
408
-<td class="left">Expand or collapse all threads</td>
499
+<td class="org-left">]</td>
500
+<td class="org-left">Expand or collapse all threads</td>
409 501
 </tr>
410 502
 
411 503
 <tr>
412
-<td class="left">[</td>
413
-<td class="left">Expand of collapse the current thread</td>
504
+<td class="org-left">[</td>
505
+<td class="org-left">Expand of collapse the current thread</td>
414 506
 </tr>
415 507
 
416 508
 <tr>
417
-<td class="left">CTRL-k</td>
418
-<td class="left">Import a PGP/GPG public key</td>
509
+<td class="org-left">CTRL-k</td>
510
+<td class="org-left">Import a PGP/GPG public key</td>
419 511
 </tr>
420 512
 
421 513
 <tr>
422
-<td class="left">v</td>
423
-<td class="left">View current email in different formats, such as HTML</td>
514
+<td class="org-left">v</td>
515
+<td class="org-left">View current email in different formats, such as HTML</td>
424 516
 </tr>
425 517
 
426 518
 <tr>
427
-<td class="left">CTRL-u</td>
428
-<td class="left">View long URLs</td>
519
+<td class="org-left">CTRL-u</td>
520
+<td class="org-left">View long URLs</td>
429 521
 </tr>
430 522
 
431 523
 <tr>
432
-<td class="left">q</td>
433
-<td class="left">Quit</td>
524
+<td class="org-left">q</td>
525
+<td class="org-left">Quit</td>
434 526
 </tr>
435 527
 </tbody>
436 528
 </table>
@@ -453,9 +545,9 @@ There is one irksome thing about email within mutt, and that's if you get sent a
453 545
 </div>
454 546
 </div>
455 547
 
456
-<div id="outline-container-sec-6" class="outline-2">
457
-<h2 id="sec-6">Thunderbird/Icedove</h2>
458
-<div class="outline-text-2" id="text-6">
548
+<div id="outline-container-org2924dea" class="outline-2">
549
+<h2 id="org2924dea">Thunderbird/Icedove</h2>
550
+<div class="outline-text-2" id="text-org2924dea">
459 551
 <p>
460 552
 Another common way in which you may want to access email is via Thunderbird (also known as Icedove on Debian).  This may be especially useful if you're trying to convert former Windows users who may previously have been using some version of Outlook.
461 553
 </p>
@@ -465,9 +557,9 @@ The following instructions should be carried out on the client machines (laptop,
465 557
 </p>
466 558
 </div>
467 559
 
468
-<div id="outline-container-sec-6-0-1" class="outline-4">
469
-<h4 id="sec-6-0-1">Initial setup</h4>
470
-<div class="outline-text-4" id="text-6-0-1">
560
+<div id="outline-container-orged0c1fb" class="outline-4">
561
+<h4 id="orged0c1fb">Initial setup</h4>
562
+<div class="outline-text-4" id="text-orged0c1fb">
471 563
 <p>
472 564
 Install <b>Thunderbird</b> and <b>Enigmail</b>.  How you do this just depends upon your distro and software manager or "app store".
473 565
 </p>
@@ -493,12 +585,9 @@ The settings should be as follows, substituting <i>mydomainname.com</i> for your
493 585
 </p>
494 586
 
495 587
 <ul class="org-ul">
496
-<li>Incoming: IMAP, mydomainname.com, 993, SSL/TLS, Normal Password
497
-</li>
498
-<li>Outgoing: SMTP, mydomainname.com, 465, SSL/TLS, Normal Password
499
-</li>
500
-<li>Username: myusername
501
-</li>
588
+<li>Incoming: IMAP, mydomainname.com, 993, SSL/TLS, Normal Password</li>
589
+<li>Outgoing: SMTP, mydomainname.com, 465, SSL/TLS, Normal Password</li>
590
+<li>Username: myusername</li>
502 591
 </ul>
503 592
 
504 593
 <p>
@@ -526,15 +615,14 @@ Select "<b>yes</b>" to change default settings.
526 615
 </p>
527 616
 </div>
528 617
 </div>
529
-<div id="outline-container-sec-6-0-2" class="outline-4">
530
-<h4 id="sec-6-0-2">Import your GPG keys</h4>
531
-<div class="outline-text-4" id="text-6-0-2">
618
+<div id="outline-container-orgc277e0c" class="outline-4">
619
+<h4 id="orgc277e0c">Import your GPG keys</h4>
620
+<div class="outline-text-4" id="text-orgc277e0c">
532 621
 <p>
533 622
 On the Freedombone export your GPG public and private keys.
534 623
 </p>
535 624
 
536 625
 <div class="org-src-container">
537
-
538 626
 <pre class="src src-bash">ssh username@domainname -p 2222
539 627
 gpg --list-keys username@domainname
540 628
 gpg --output ~/public_key.gpg --armor --export KEY_ID
@@ -547,7 +635,6 @@ On your laptop or desktop you can import the keys with:
547 635
 </p>
548 636
 
549 637
 <div class="org-src-container">
550
-
551 638
 <pre class="src src-bash">scp -P 2222 username@domain:/home/username/*.gpg ~/
552 639
 </pre>
553 640
 </div>
@@ -569,7 +656,6 @@ Remove your exported key files, both on your laptop/desktop and also on the Free
569 656
 </p>
570 657
 
571 658
 <div class="org-src-container">
572
-
573 659
 <pre class="src src-bash">shred -zu ~/public_key.gpg
574 660
 shred -zu ~/private_key.gpg
575 661
 </pre>
@@ -577,9 +663,9 @@ shred -zu ~/private_key.gpg
577 663
 </div>
578 664
 </div>
579 665
 
580
-<div id="outline-container-sec-6-0-3" class="outline-4">
581
-<h4 id="sec-6-0-3">Using for the first time</h4>
582
-<div class="outline-text-4" id="text-6-0-3">
666
+<div id="outline-container-org651a746" class="outline-4">
667
+<h4 id="org651a746">Using for the first time</h4>
668
+<div class="outline-text-4" id="text-org651a746">
583 669
 <p>
584 670
 Click on the Thunderbird menu, which looks like three horizontal bars on the right hand side.
585 671
 </p>
@@ -614,9 +700,9 @@ Get into the habit of using email encryption and encourage others to do so.  Rem
614 700
 </div>
615 701
 </div>
616 702
 
617
-<div id="outline-container-sec-6-0-4" class="outline-4">
618
-<h4 id="sec-6-0-4">Making folders visible</h4>
619
-<div class="outline-text-4" id="text-6-0-4">
703
+<div id="outline-container-orge19cc4d" class="outline-4">
704
+<h4 id="orge19cc4d">Making folders visible</h4>
705
+<div class="outline-text-4" id="text-orge19cc4d">
620 706
 <p>
621 707
 By default you won't be able to see any folders which you may have created earlier using the <i>mailinglistrule</i> script.  To make folders visible select:
622 708
 </p>
@@ -632,23 +718,22 @@ Make sure that "<b>show only subscribed folders</b>" is not checked.  Then click
632 718
 </div>
633 719
 </div>
634 720
 
635
-<div id="outline-container-sec-7" class="outline-2">
636
-<h2 id="sec-7">Android apps</h2>
637
-<div class="outline-text-2" id="text-7">
721
+<div id="outline-container-org787310f" class="outline-2">
722
+<h2 id="org787310f">Android apps</h2>
723
+<div class="outline-text-2" id="text-org787310f">
638 724
 <p>
639 725
 Mobile devices have a reputation for being quite insecure, so it's recommended that you don't store emails or GPG keys on your phone. Instead <a href="./app_mailpile.html">install Mailpile</a> and access your email via the webmail interface.
640 726
 </p>
641 727
 </div>
642 728
 </div>
643
-<div id="outline-container-sec-8" class="outline-2">
644
-<h2 id="sec-8">Subscribing to mailing lists</h2>
645
-<div class="outline-text-2" id="text-8">
729
+<div id="outline-container-org7d93f5a" class="outline-2">
730
+<h2 id="org7d93f5a">Subscribing to mailing lists</h2>
731
+<div class="outline-text-2" id="text-org7d93f5a">
646 732
 <p>
647 733
 To subscribe to a mailing list log in as your user (i.e. not the root user).
648 734
 </p>
649 735
 
650 736
 <div class="org-src-container">
651
-
652 737
 <pre class="src src-bash">ssh username@domainname -p 2222
653 738
 </pre>
654 739
 </div>
@@ -658,15 +743,14 @@ Select <i>Administrator controls</i> then <b>Email filtering rules</b> then <b>A
658 743
 </p>
659 744
 </div>
660 745
 </div>
661
-<div id="outline-container-sec-9" class="outline-2">
662
-<h2 id="sec-9">Adding email addresses to a group/folder</h2>
663
-<div class="outline-text-2" id="text-9">
746
+<div id="outline-container-org351d48f" class="outline-2">
747
+<h2 id="org351d48f">Adding email addresses to a group/folder</h2>
748
+<div class="outline-text-2" id="text-org351d48f">
664 749
 <p>
665 750
 Similar to adding mailing list folders you can also add specified email addresses into a group/folder.
666 751
 </p>
667 752
 
668 753
 <div class="org-src-container">
669
-
670 754
 <pre class="src src-bash">ssh username@domainname -p 2222
671 755
 </pre>
672 756
 </div>
@@ -676,15 +760,14 @@ Select <i>Administrator controls</i> then <b>Email filtering rules</b> then <b>A
676 760
 </p>
677 761
 </div>
678 762
 </div>
679
-<div id="outline-container-sec-10" class="outline-2">
680
-<h2 id="sec-10">Ignoring incoming emails</h2>
681
-<div class="outline-text-2" id="text-10">
763
+<div id="outline-container-org8827ad0" class="outline-2">
764
+<h2 id="org8827ad0">Ignoring incoming emails</h2>
765
+<div class="outline-text-2" id="text-org8827ad0">
682 766
 <p>
683 767
 It is possible to ignore incoming emails if they are from a particular email address or if the subject line contains particular text.
684 768
 </p>
685 769
 
686 770
 <div class="org-src-container">
687
-
688 771
 <pre class="src src-bash">ssh username@domainname -p 2222
689 772
 </pre>
690 773
 </div>
@@ -694,9 +777,29 @@ Select <i>Administrator controls</i> then <b>Email filtering rules</b> then <b>B
694 777
 </p>
695 778
 </div>
696 779
 </div>
697
-<div id="outline-container-sec-11" class="outline-2">
698
-<h2 id="sec-11">Using I2P for email transport</h2>
699
-<div class="outline-text-2" id="text-11">
780
+<div id="outline-container-org6796124" class="outline-2">
781
+<h2 id="org6796124">Using onion email addresses</h2>
782
+<div class="outline-text-2" id="text-org6796124">
783
+<p>
784
+By default this system comes with the ability to send and receive emails using onion addresses as the domain name. On the <b>user control panel</b> if you select <b>Show your email address</b> then you should find one ending with <i>dot onion</i>. You will also see a QR code for that address, which provides a simple way to transfer it to a mobile phone if necessary.
785
+</p>
786
+
787
+<p>
788
+If you want to give your onion email address to someone else securely then you can use the QR code to transfer it to a phone and copy and paste the address into an encrypted chat app, such as Conversations. Of course they will probably also need to be running Freedombone or some system capable of handling onion email addresses.
789
+</p>
790
+
791
+<p>
792
+When sending email from an onion address it's not strictly necessary to use GPG/PGP. Tor handles the transport security by itself. You can still use it though if you prefer to have an extra layer of message security. You can also still use onion email addresses even if your ISP blocks the typical email ports (25 and 465).
793
+</p>
794
+
795
+<p>
796
+If you don't make your onion email address public then it should be fairly resisent to spam, since spammers won't be able to randomly guess onion addresses (there are far too many), whereas it's a lot easier for them to do that with conventional domain names.
797
+</p>
798
+</div>
799
+</div>
800
+<div id="outline-container-orga30bcb7" class="outline-2">
801
+<h2 id="orga30bcb7">Using I2P for email transport</h2>
802
+<div class="outline-text-2" id="text-orga30bcb7">
700 803
 <p>
701 804
 For the most paranoid use cases it is also possible to use I2P as an email transport mechanism. This will of course require the people you're communicating with to have a similar setup in place. For details see the <a href="./app_bdsmail.html">bdsmail app</a>. An advantage of this is that it's very unlikely that your email will get blocked. The disadvantage is that few others will be capable of receiving email this way, and it's only really usable via the Mutt email client.
702 805
 </p>