9 Easy Steps- An OSX Tutorial for Setting up Tormail with Thunderbird/Enigmail

**lazyvegan** · 06-01-2012 09:50

Not sure if this is the right forum, please move in need be, but it's technology/security related, and something i'm sure many here will apprieciate..

so here's my, 'very' well researched and written,
Tormail/Thunderbird/Enigmail/GPG user guide for OSX.
For running GPGmail with a torbased mailserver over the tor
network. What more could u ask for? besides a personal tor hidden
server? its only recently this was even (realistically) a
possiblilty for the average joe ya know? there's at least been very
few free tor based email services that ive been aware of...

but i gotz it figured out (cuz i got it like that!

)...for us mac
users at least..cuz no one else has yet. or they at least haven't
posted/published it anywhere i've seen, and i know my way around...

i mean, wouldnt you ultimately prefer if you
had a torbased email with ZERO possibility of your IP/location
ever being traced from the time you sign up to....'ever'?

required (but simple) intergrated end-to-end GPG? all sent over the tor-
network? by looking out for others safety, you can further garnauntee your own, see?

cuz if you could 100% eliminate the possibility of 'anyone'
knowing the IP/location of even ONE of your yur closest friends
using TOR/GPG, your ultimately protecting both them AND
yourself...cuz ya never know...

a 'personally' GPG encrypted mail sent over
tor, instead of a 3rd party like hush, who has my/your key, IP,
ect?. i dunno. i think its a sweet idea. and no one has
published a "how to" guide for osx on this. even the one on SR sux IMO. until now. if u dig it, spread it around to your
OSX friends. it will ultimately only increase
your own security. it really is the next step IMHO..there's an equivilant 'how-to' for windoxe on SR i
could post if u like...

peace

------------

but here's my osx "how to" guide....

9 Easy Steps- An OSX Tutorial for Setting up Tormail with
Thunderbird/Enigmail

Hey there phluffy..

So there’s many ways to use GPG on OSX to encrypt your emails and
documents, ect, but “by golly” if I haven’t had the hardest time
figuring it all out. Especially in combination with a TOR-based
hidden email service like Tormail.net. And I’m ‘considerably’
computer-savvy, so I just thought perhaps there might be others out
there that could use some advice from what I have learned.

It’s only recently this particular security combination was even
(reasonably) “possible”, specifically, the ability to integrate GPG
based encryption with a TOR-based hidden email service. This gives
both you, and (potentially) those you communicate with, the comfort
of knowing that the IP/location associated with your(or their) email when you
signed up was untraceable from the “very” start and “always” will
be every time you(or they) access it.

Add 2 cups of GPG, and you really can’t get much more anonymous
online. Period. Using public wi-fi from a dedicated comp/usb stick,
using IMAP/POP3 to download/decrypt/respond and re-encrypt emails
offline, running all apps/storing files on a dual-
partitioned/encrypted usb stick (using Tails, Truecrypt, ect) and
perhaps some MAC-spoofing never hurts though.

Cuz unless you wanna run your own TOR-based hidden mail server, or
send smoke signals or something, this seems one of the best current
options for the average individual wishing to TRULY communicate or
send encrypted files anonymously with others online. Defintlely
much safer than services like hushmail, safe-mail, ect, where a
third party still has control of YOUR “private” key…ya know?

So in the hopes of saving some fellow mac-heads a lot of time, and
in the interest of harm-reduction and personal security from those
in the world who may be under scrutiny from oppressive governments
and malicious regimes out to investigate and potentially
incarcerate otherwise innocent individuals who have chosen to do
nothing more than express their god(ish) given RIGHT to do
“whatever the fuck they want” with their, own mind, body, and
soul….for them. For YOU. I write this…

So onto the good stuff. You will need:

1. It used to be you needed a copy of GnuPG for OSX available
here:

http://macgpg.sourceforge.net/

But as it says on their homepage, the project has been handed over
to:

2. GPGTools: www.gpgtools.org.

Just download their current bundle and you’ll get GnuPG
automatically installed, which is essential to get GPG workin on
your Mac. Unless you choose a custom install, it gets installed
along with:

• Integrated GPGMail (OS X 10.5 to 10.7, Universal).
• Integrated GPG Keychain Access (OS X 10.5 to 10.7, Universal).
• Integrated GPGServices (OS X 10.6 to 10.7).
• Integrated GPGToolsPreferences (OS X 10.6 to 10.7).
• Integrated MacGPG 2 (OS X 10.5 to 10.7, Intel).
• Integrated MacGPG 1 (OS X 10.5 to 10.7, Universal).
• Integrated Enigmail (Thunderbird 3 to

.

3. Next go to the Tor Project website at:

https://www.torproject.org/download/download.html.en

Download either the “Tor Browser Bundle” (Intel-only) or the
“Firefox/Vidalia/Torbutton” bundle (PowerPC-friendly).

The only difference is the Firefox bundle requires some extra
effort on your behalf by disabling certain plug-ins, scripts, java,
flash, ect that could ‘potentially’ reveal your true IP. The
Tor/Aurora Browser bundle comes pre-configured for your security,
and is therefore recommended for the uncertain. But Firefox also
allows you the ability to use FireGPG if you so choose.

4. Once running TOR via Firefox w/Torbutton or Torbrowser/Aurora,
verify you are connected to the TOR network by clicking here:
https://check.torproject.org/

5. Next, get a Tormail.net email address. The Tormail.net .onion
address is:

http://jhiwjjlqpyawmpjx.onion

This is what provides you ‘location’ anonymity compared to ANY
other email service. Couple that with GPG and you really can’t be
much more secure at this point in time. (please correct me if I’m
wrong). Read the Tormail homepage to understand their dual web-
facing, anonymous-web relays, security info, ect.
But Tormail alone will ONLY cloak your IP adresss, and does not
provide you the GPG encryption essential to true anonymous
communication online. So the next thing you’ll need is an
OpenSource, IMAP/POP3 capable email client.

6. Download Mozilla projects “Thunderbird”, an email client brought
to you by the ‘most def’ Firefox crew . Highly recommended,
although Mail.app can also apparently be used too.

Thunderbird download: http://www.mozilla.org/en-US/thunderbird/all.html

7. In order to integrate free, opensource GPG encryption with
Thunderbird/Tormail to provide true “end-to-end” email encryption
thru the TOR network, you’ll need Enigmail. It should have been
part of your GPGTools download, otherwise you can download it here:

http://enigmail.mozdev.org/download/index.php.html

8. Now for the ‘tricky’ part that “truly” inspired me to write this
article in the first place. The instructions are on Tormail.net’s
“Help” page, but can ‘very’ easily be overlooked. I did. Multiple
times. But they are ESSENTIAL!

http://jhiwjjlqpyawmpjx.onion/help.html

Following these instructions are truly essential to get
Thunderbird/GPG to work with Tormail on OSX. Reaching a TOR-based
hidden mailserver thru a “.onion” address is very different from
regular SMTP access to a mailserver. You MUST follow these
instructions in order to get Thunderbird to work with Enigmail/GPG.
PERIOD. Trust me. Just do it. Or it WILL NOT work. Period.

Again, just read their page if you have any doubts:

http://jhiwjjlqpyawmpjx.onion/help.html

It’s really easy and you’ll pat yourself on the back in less than
10 minutes. Promise. Cuz it’s the ONLY way I know of to get Tormail
to work with Thunderbird/Enigmail. (But again, correct me if I’m
wrong.)
Just follow the instructions to the “T”, and you should have some
of the VERY best, truly anonymous, encrypted, online security you
could EVER hope for at this point in time on OSX. I just wish
someone had written this page for me, that’s all.

In case you cant reach the original page, here are the instructions
for configuring Enigmail to work with Thunderbird: I’ve edited them
VERY “slightly” to make them simpler for most people to understand,
and to correct a few errors on their page. Namely, the menu-paths
they (mis)typed. Compare yourself if you like. I’m here to help.
That is all.

http://jhiwjjlqpyawmpjx.onion/help.html

Configure Thunderbird to work through Tor
You can use Tor Mail with Mozilla Thunderbird by following these
instructions.
You must do this or it will not work with Tor Mail.

1. Download and Install Thunderbird.
2. Open Thunderbird.
3. Goto Thunderbird menu -> Preferences
4. Click Config Editor button.
5. In the config editor filter type in
network.proxy.socks_remote_dns
6. Double click (→MAKE SURE← to double click) on it to change the
value from ‘False’ to ‘True’.
7. Close the Config Editor and click "Network & Disk Space" tab.
8. Click Settings Button.
9. Select Manual Proxy Configuration and fill in the following:

HTTP Proxy: 127.0.0.1 Port 8118
SSL Proxy: 127.0.0.1 Port 8118
Socks Host: 127.0.0.1 Port 9050

10. Select Socks v4.
11. Press OK.
12. Press OK again on the options window to close it.

Adding your Tor Mail account to Thunderbird

1. Open Thunderbird.
2. Goto Tools -> Account Settings -> Account Actions -> Add Mail
Account.
3. Enter your name (whatever you want to be displayed, its not your
username), email address and password.
4. Press Continue, Thunderbird should download the autoconfig file
from us.
5. Click Create Account.

9. Once you’ve created and added your new Tormail addy to
Thunderbird, you’ll want to generate a new key pair for your
addresss to enable GPG encryption. One public (to share freely).
One private (to guard with your life).

In Thunderbird, find your newly added Tormail addy on the left
menu. Scroll down and click on “OpenPGP Security” for your account.
Click, then click on the box next to ”Enable OpenPGP (Enigmail) for
this identity.”

Also click the boxes next to: “Sign encrypted messages by default”.
“Encrypt messages by default”, and “Use PGP/MIME by default”.

Go back to the OpenPGP Menu -> Key Managemnt -> Generate-> New Key
pair. Find your new Tormail you want to create a keypair for in the
drop-down menu, and click Generate Key. Move your mouse around to
generate some randomness while your key is being created.

That’s it! ☺

You now have your own Tor-based, anonymous GPG capable email
enabling end-to-end GPG encryption over an anonymous TOR-based
mailserver/network. You’re officially a ninja!

Thats all you need to do.

You can ignore any messages about the connection being insecure,
Tor/Enigmail does end-to-end encryption to hidden services,
thunderbird is not aware that you are using Tor.

If for some reason autoconfig fails, you can use the following.

SMTP server: jhiwjjlqpyawmpjx.onion Port: 25 SSL: None
Authentication: Normal Password
IMAP server: jhiwjjlqpyawmpjx.onion Port: 143 SSL: None
Authentication: Normal Password
POP3 server: jhiwjjlqpyawmpjx.onion Port: 110 SSL: None
Authentication: Normal Password

IMAP stores your mail on the server similar to webmail.

POP3 downloads the messages to your PC (and usually deletes them
from the server after download).

If you want to access your mail from multiple PC's then IMAP is the
best choice.

POP3 may be problematic with Tor because of long delay connecting
and Thunderbird only tries every hour, meaning it may actually
never make a successful connection.

Copyright © 2011 Tor Mail. All Rights Reserved.

Anyways, peace. The rest ‘should’ be self-explanatory. I just hope
this might help someone and please pass it on to stop this
ridiculous WOD and honor our millions of innocent brothers and
sisters current incarcerated for ridiculous, non-violent drug
“crimes”.

The pen (or perhaps keyboard?) truly is mightier than tha sword!

Please respond to this thread if you have any questions or
corrections to my instructions if need be.

Peace

lazyvegan

**Mugz** · 06-01-2012 12:10

there's an equivilant 'how-to' for windoxe on SR i
could post if u like...

Would be nice to see the windows one too if you could post it here it would be great.

**lazyvegan** · 06-01-2012 12:25

For some reason I'm having trouble accessing the SR forums atm, on both of my tor platforms (so it might just be a SR forum issue, cuz i can access SR itself no prob), but if someone could look in the SR Security forum, it's a 'sticky' at the very top, tiltled similar to mine, just for Windoze. Just copy/paste it here...So we can get some cross-platform love goin on...

[even though my OS is better than yours]

**Mugz** · 06-01-2012 12:35

[even though my OS is better than yours]

I agree with that, my OS is terrible, need a new computer altogether but can't afford one right now. Will hunt for the windows version.

**lazyvegan** · 06-01-2012 13:03

just kiddin really. these days with the proper protections it doesnt make much of a difference. although unix/linux/osx 'can be' unquestionably more secure then windoze "if" u know what ur doin.

but windoze is just fine for these matters unless ur on like the DEA's Top Ten most wanted list or something.

peace

**lazyvegan** · 06-01-2012 13:07

yeah ur wrong. delete it. thats regardling like the University of Toronto's mailserver or something. I'll pm you about SR bro. it's against the rules to post publicly. But moderators are god's gift to man (and woman!).

**lazyvegan** · 07-01-2012 01:33

So here's the windoze 'pictorial'. dunno whats up with the lack of pics, but you can make them show up by clicking on the links. Im also unsure if it covers intergrating GPG with Tormail specifically, but there are regardless many other Windoze GPG tutorials out there. much more than for osx...and there should be instructions for windoze users on the tormail website regardless..but here ya go as per request...

peace

------------

GPG (Step-by-Step: Windows Pictorial)
« on: June 20, 2011, 02:15 am »

* Quote

All of my notes are in red. They are present for a reason, read them.

Step 1) Download GNUPG

(http://i1142.photobucket.com/albums/...1-Download.jpg)

Step 2) Install GNUPG

(http://i1142.photobucket.com/albums/...InstallGPA.jpg)

Step 3) Open GPA

(http://i1142.photobucket.com/albums/...03-OpenGPA.jpg)

* GPA Main Menu

(http://i1142.photobucket.com/albums/...MainOpened.jpg)

Step 4) Generating a Key

(http://i1142.photobucket.com/albums/...rateNewKey.jpg)

* Enter Name

(http://i1142.photobucket.com/albums/...-EnterName.jpg)

* Enter Email Address

(http://i1142.photobucket.com/albums/...EnterEmail.jpg)

* Backing Up Your Key

(http://i1142.photobucket.com/albums/...-BackupKey.jpg)

Step 5) Creating / Entering Your Passphrase

This step I will elaborate on. Your key needs to be extremely strong, having a 50-70 character password is not unheard of. The more characters (letters, numbers, and symbols) your passphrase contains, the harder it will be to crack. Also, when it is time to generate your key, the more you mess around on your computer (opening & closing files, listening to music, moving your mouse, etc.) the better the entropy.

Never store your key electronically. I recommend having two copies of your key WRITTEN. Storing your key is useless and will give LEO your passphrase (should your computer ever be compromised).

(http://i1142.photobucket.com/albums/...Passphrase.jpg)

* Re-enter Passphrase

(http://i1142.photobucket.com/albums/...Passphrase.jpg)

Step 6) Key Generation Complete

(http://i1142.photobucket.com/albums/...KeyCreated.jpg)

Step 7) Encrypting Messages

(http://i1142.photobucket.com/albums/...ngMessages.jpg)

*Selecting a Key (the addressee)

(http://i1142.photobucket.com/albums/...Encryption.jpg)

*Encrypted Message

(http://i1142.photobucket.com/albums/...tedMessage.jpg)

Step

Decrypting Messages

(http://i1142.photobucket.com/albums/...ngaMessage.jpg)

*Message Decrypted

(http://i1142.photobucket.com/albums/...-Decrypted.jpg)

The pictorial will be updated, as I need to elaborate on Key Exportation and utilizing Notepad. This is the beginning. Enjoy!

**lazyvegan** · 07-01-2012 01:44

**MuzzPGP** · 16-01-2012 03:34

Thanks, just used your guide to configure my Thunderbird on Windows :-)

**lazyvegan** · 16-01-2012 05:34

thankz. glad it helped someone. especially since, if you dont wanna run windoze, you "can" run OSX off "ANY" Intel-based PC. if you dont have a working install of OSX, just google the torrent for iPortableSnow or Leapord, ect.

cuz if ya "really" wanna bee sneaky. you just run a fully functioning OS off a dual layered (with a hidden volume, ala, Truecrypt) from a fully encrypted usb flash drive. leaves NO traces on ANY host computer, and "worst case scenario", (although encrypted) "eatable" too, lol...worst case sceanario....

**huolesoh** · 04-02-2012 01:37

LZ just wanted to say i only just read your adventures !! fucking amazing, i want to go to india !

**lazyvegan** · 18-02-2012 06:42

glad you enjoyed it!

still workin on a 3quel....one of theze daze...

peace

lv

**starpen** · 26-02-2012 13:24

Hey there.

I found this forum through this thread and I'm having some trouble. I did all the suggested stuff and I still can't make it work. When I do the final step to add my adress and password, I have to punch in the IMAP and SMPT manually and when I do that, it keeps saying: "Thunderbird was unable to find the settings for your account" (translated from danish so perhaps not perfectly translated). What do I do?

**FoxyFox** · 16-03-2012 22:06

Same here. Thought it was an OS X Problem since the help-page on tor-mail is for Windows. Seems not to be the case. Tried it several times on OS X and once on Linux with the respective Thunderbird version. Any idea? Any hint is greatly appreciated.

**alibaba** · 15-01-2013 15:28

Hello, do you know if one could configure thunderbird with tormail simultaneously with other mailclients? Since you have to change the proxy for using tormail thunderbird fails to connect to my other mailclients.

Thread: 9 Easy Steps- An OSX Tutorial for Setting up Tormail with Thunderbird/Enigmail

Thread Tools

Display

Posting Permissions