2. Security Basics

The largest danger is that your mail client compromises your
anonymity or privacy while composing/sending mail.
Some mail clients add their own Received: header, including
local network addresses and information indicating the software
or the native language of the user. Some mail clients announce
their local IP address as a HELO/EHLO host-name. Some clients
don’t allow you to choose from multiple identities.

All those problems require our special attention.
Since susimail works as a trusted SMTP and POP3 proxy, you’ll always be on the safe side when using it.

Although a normal MUA also has some advantages, it must be carefully configured and tested by
experienced users: try to follow these steps:

  • Get a dedicated mail client for use with I2p mail only

  • Install and configure the system in a way that all configuration data and mail folders are stored on a safe and possibly encrypted partition.
  • Check the configuration. A few mail clients allow the specification of a dedicated HELO host-name to be used

  • Other MUA allow the creation of certain header lines to be prohibited (like Message-ID and Received).

  • Compose a mail and store it in the outgoing folder. Now have a close look at the mail source. Check for any lines relevant to anonymity. This is the way the mail will later be sent to the postman system.

  • Install and configure a PGP compatible software like OpenPGP, GNUPG or enigmail. Public keys of mail users are available from the postman.i2p public address book.

    • Those measures are nothing special but are suggested by common sense. The next chapter will show you more about the composition of a mail and what those fancy header lines do

    ^Back