Author Topic: SmallMail an anonymous/pseudonymous distributed mail system  (Read 3292 times)

Offline crypton

SmallMail an anonymous/pseudonymous distributed mail system
« on: December 09, 2009, 05:08:21 PM »
SmallMail is an anonymous/pseudonymous distributed mail system. It is designed with privacy in mind. This document describes the protocol between a SmallMailServer and a SmallMailClient that allows users of SmallMailClients to exchange messages among each other.

In SmallMail every user can create as many mailboxes as he likes. Each mailbox has a distinctive address. All messages in SmallMail are encrypted (public key cryptography), so each mailbox is associated with a (public, private) key pair.

Key management
At the moment the protocol does not provide for exchange of public keys. For now we suggest “sneakernet” exchange of (signed) public keys between users. In a future version there will be a way to look up keys on the server.

Errors are signaled by sending
“ERR” <message> at any place where a command or reply is expected.
(NotImplemented, BadParam, BadCommand, ServerError, ProtocolError, NoMessage)

Client-Server Protocol
SSL-TCP connection. Server presents certificate; self-signed certificates are fine. Server and client should at least support SSLv3.
Commands and arguments should be terminated with a single line feed (’\n’) and every line should be sent as one TLS record.
Big (binary) arguments, like message bodies, have their size given with the preceding command and can be sent in multiple chunks; they are NOT terminated with a line feed.

Create mailbox
Generate key pair
Mailbox name is assigned by server (public key fingerprint)
C->S: “CRID” <keysize>
C->S: <public key> [binary]
S->C: “IDCR” <mailbox> | “REJECT”
The key will be sent in binary PGP format
Note: no error recovery

Send message
C->S: “SEND” <mailbox> <size>
C->S: “BODY” <size>
C->S: <message body> [binary]
S->C: “RCVD”
Note: no error recovery

Client identification handshake
The server will start an identification handshake when a client wants access to a mailbox. It is a challenge-response protocol. It is server policy how often an identification handshake is performed; this can be for every command, once per session or the server might implement some time-out.
S->C: “CHAL” <challenge>
C->S: “RESP” <respsize>
C->S: <response body> [binary]
After a failed challenge the server will respond with “REJECT” and close the connection.

List messages
C->S: “LIST” <mailbox>
[[identification handshake]]
Per message in mailbox:
S->C: “MSG” <msgid> <size>
S->C: “LSTD”

Receive message
C->S: “RECV” <mailbox> <msgid>
[[identification handshake]]
S->C: “BODY” <size>
S->C: <message body> [binary]

Get part of a message
C->S: “RPRT” <mailbox> <msgid> <offset> (<part size> | “END”)
[[identification handshake]]
S->C: “PART” <offset> <part size>
S->C: <message part> [binary]

Delete message
C->S: “DELE” <mailbox> <msgid>
[[identification handshake]]
S->C: “DLTD”

We have built a system named SmallMail that contains the SmallMail GUI (or the mail package), the mail client, as well as the SmallMail Server. Of course you don’t need to run your own server and can use one of the available servers. We will have a list of available servers present release soon. Further notes are in the software release package, as well as in the documentation or the FAQ. Please remember that all software is experimental and used at your own risk. Currently we have the following software:




non graphical interface
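
An added example, not part of the original post or of the SmallMail software: a client-side reader for the LIST and RECV replies described above that treats every size field from the server as untrusted. It assumes keywords travel without the quotation marks, fields are separated by single spaces, sizes are decimal, the identification handshake has already completed, and the two limits MAX_LINE and MAX_BODY; the post specifies none of these.

```python
import io

MAX_LINE = 512        # assumed limit on a command line; the post defines none
MAX_BODY = 1 << 20    # assumed limit on a binary argument; the post defines none

class ProtocolError(Exception):
    """The peer broke the framing rules or sent an ERR reply."""

def read_command(stream):
    """Read one '\\n'-terminated line and split it into fields."""
    raw = stream.readline(MAX_LINE + 1)
    if len(raw) > MAX_LINE or not raw.endswith(b"\n"):
        raise ProtocolError("unterminated or oversized line")
    try:
        fields = raw[:-1].decode("ascii").split(" ")
    except UnicodeDecodeError:
        raise ProtocolError("non-ASCII command line")
    if fields[0] == "ERR":  # ERR may arrive wherever a reply is expected
        raise ProtocolError("server error: " + " ".join(fields[1:]))
    return fields

def parse_size(field):
    # Only plain decimal digits, and never more than the local limit.
    if not field.isdigit() or int(field) > MAX_BODY:
        raise ProtocolError("bad size field: %r" % field)
    return int(field)

def read_list_reply(stream):
    """Collect (msgid, size) pairs from MSG lines until LSTD."""
    messages = []
    while True:
        fields = read_command(stream)
        if fields == ["LSTD"]:
            return messages
        if len(fields) != 3 or fields[0] != "MSG":
            raise ProtocolError("unexpected reply: %r" % fields)
        messages.append((fields[1], parse_size(fields[2])))

def read_body_reply(stream):
    """Read 'BODY <size>', then exactly <size> raw bytes (no line feed)."""
    fields = read_command(stream)
    if len(fields) != 2 or fields[0] != "BODY":
        raise ProtocolError("unexpected reply: %r" % fields)
    size = parse_size(fields[1])
    body = stream.read(size)
    if len(body) != size:
        raise ProtocolError("body truncated")
    return body

LIST_REPLY = b"MSG 17 5\nMSG 18 3\nLSTD\n"  # constructed sample, not captured traffic
RECV_REPLY = b"BODY 5\nab\ncd"              # constructed; the body contains a line feed
```

On a real connection the stream would be the buffered file object of the TLS socket; the body in RECV_REPLY shows why binary arguments must be read by length and not by line.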


Offline cio2

Re: SmallMail an anonymous/pseudonymous distributed mail system
« Reply #1 on: December 10, 2009, 01:15:10 PM »
That sounds interesting.

I will take a closer look at it.

Thanks for the info!

Offline crypton

Re: SmallMail an anonymous/pseudonymous distributed mail system
« Reply #2 on: December 10, 2009, 02:49:46 PM »
It's not really new, but I found it really too late.