One part of this scheme that I forgot about, which the link in the sibling reply mentions, is MixMaster (http://mixmaster.sourceforge.net/faq.shtml#1.2), a self-hostable service for “mixing” SMTP traffic (including SMTP>NNTP gateway traffic) around. Many people host these, even today. It’s a bit like Mailinator with all its alias domains, but for the other end of the connection, and distributed.
So, to get all the security features at the same time:
1. Using Tor to hide your IP,
2. Connect to a MixMaster node (using TLS), and
3. Send an encrypted NNTP message through it,
4. To an SMTP>NNTP gateway,
5. With the embedded NNTP message’s Recipient being alt.messages.anonymous.
Kinda complicated, but you could wrap all that up into a nice GUI program if you wanted.
MixMaster doesn’t do the Tor part for you, though. My suggestion would be to run AAM Direct in a https://tails.boum.org session, which will automatically force the connection through Tor without any configuration needed.
An additional boost to security would be for there to be .onion MixMaster nodes, so that the traffic doesn’t have to traverse the public internet (and thus probably force you to rely on the only-kind-of-secure SMTP STARTTLS extension for security between the Tor exit node and the MixMaster node.)
So, to get all the security features at the same time:
1. Using Tor to hide your IP,
2. Connect to a MixMaster node (using TLS), and
3. Send an encrypted NNTP message through it,
4. To an SMTP>NNTP gateway,
5. With the embedded NNTP message’s Recipient being alt.messages.anonymous.
Kinda complicated, but you could wrap all that up into a nice GUI program if you wanted.
Oh wait, they already did: http://aamdirect.sourceforge.net
——
MixMaster doesn’t do the Tor part for you, though. My suggestion would be to run AAM Direct in a https://tails.boum.org session, which will automatically force the connection through Tor without any configuration needed.
An additional boost to security would be for there to be .onion MixMaster nodes, so that the traffic doesn’t have to traverse the public internet (and thus probably force you to rely on the only-kind-of-secure SMTP STARTTLS extension for security between the Tor exit node and the MixMaster node.)