Introducing ProtonMail's Tor hidden service

For those wondering how to create your own custom Tor onion adress, look no further than: <a href="https:&#x2F;&#x2F;timtaubert.de&#x2F;blog&#x2F;2014&#x2F;11&#x2F;using-the-webcrypto-api-to-generate-onion-names-for-tor-hidden-services&#x2F;" rel="nofollow">https:&#x2F;&#x2F;timtaubert.de&#x2F;blog&#x2F;2014&#x2F;11&#x2F;using-the-webcrypto-api-t...</a><p>And for those who think Protonmail are the only service with a custom address, think again, because Facebook has one too: <a href="https:&#x2F;&#x2F;facebookcorewwwi.onion&#x2F;" rel="nofollow">https:&#x2F;&#x2F;facebookcorewwwi.onion&#x2F;</a><p>You can find a tonne more at this list:<p><a href="https:&#x2F;&#x2F;github.com&#x2F;chris-barry&#x2F;darkweb-everywhere&#x2F;tree&#x2F;master&#x2F;rules" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;chris-barry&#x2F;darkweb-everywhere&#x2F;tree&#x2F;maste...</a><p>And staying on topic, Mailpile has their own .onion<p><a href="https:&#x2F;&#x2F;raw.githubusercontent.com&#x2F;chris-barry&#x2F;darkweb-everywhere&#x2F;master&#x2F;rules&#x2F;onion-mailpile.xml" rel="nofollow">https:&#x2F;&#x2F;raw.githubusercontent.com&#x2F;chris-barry&#x2F;darkweb-everyw...</a>

This is not quite as good as riseup.net&#x27;s onion support as it doesn&#x27;t include SMTP services. See:<p><a href="https:&#x2F;&#x2F;riseup.net&#x2F;en&#x2F;security&#x2F;network-security&#x2F;tor#riseups-tor-hidden-services" rel="nofollow">https:&#x2F;&#x2F;riseup.net&#x2F;en&#x2F;security&#x2F;network-security&#x2F;tor#riseups-...</a><p><pre><code> mike@snake:~$ torsocks telnet wy6zk3pmcwiyhiao.onion 25 Trying 127.42.42.0… Connected to wy6zk3pmcwiyhiao.onion. Escape character is ‘^]’. 220 mx1.riseup.net ESMTP (spam is not appreciated) </code></pre> So if your mail service supports onion addresses, then you can just replace &quot;@riseup.net&quot; in a users email address with &quot;@wy6zk3pmcwiyhiao.onion&quot;.<p>Alternatively, your mail service could have explicit configuration in place to identify @riseup.net addresses and route them to wy6zk3pmcwiyhiao.onion instead of the normal MX records. I do this with Exim by utilising Tors TransPort+DNSPort functionality and then adding the following Exim router:<p><pre><code> riseup: driver = manualroute domains = riseup.net transport = remote_smtp route_data = ${lookup dnsdb{a=wy6zk3pmcwiyhiao.onion}} </code></pre> Obviously this would be better if there was a way to dynamically advertise the onion address in the DNS instead of having to hardcode it in Exim.<p>[edit] - If they co-ordinated, Riseup and Protonmail, and potentially other similar privacy respecting mail services could send all their traffic over each other via Tor. If you work for either of these companies, please consider the possibility of looking into this sort of relationship.

If you are so threatened that you feel the need to use a Tor hidden service to reach your email provider, you should know that email --- &quot;encrypted or not&quot; --- provides the worst protection of all possible encryption messaging options. Don&#x27;t use email for sensitive communication, and certainly don&#x27;t rely on the security features of any email provider for your own safety.

From ignorance, why would I (a non-interesting person in a nominally free country, with non-interesting interests that could nevertheless become interesting depending on political shifts and shit) want to use this hidden service, rather than plain old ProtonMail?

Last I checked, ProtonMail required SMS verification for account creation.<p>Edit: When using Tor

I wouldn&#x27;t recommend accessing email over TOR, especially not a paid account.<p>Infact I would not recommend accessing any public service that requires a unique account authentication over TOR.<p>This at least is somewhat more useful than facebook over TOR but unless you are accessing only free throwaway accounts (and never use those to communicate with anyone you know) using this somewhat defeats the purpose of TOR.

Could someone expand how an email service over Tor helps when the messages you sent to others still go through SMTP protocol (even with TLS) and is stored&#x2F;relayed in&#x2F;to unprotected severs?

Can anyone speak to their like&#x2F;dislike of ProtonMail vs Fastmail. I currently use Fastmail and I&#x27;m happy, but always looking for something better.

I wish ProtonMail would offer more email aliases with its paid plans - credentials reuse is what often allows to snoop on someone&#x27;s online identity. That would really boost its value in terms of privacy.

I always get the feeling that these kinds of services are NSA honeypots. Whether intentionally or unintentionally.

FYI Scryptmail also supports it <a href="https:&#x2F;&#x2F;blog.scryptmail.com&#x2F;complete-tor-support&#x2F;" rel="nofollow">https:&#x2F;&#x2F;blog.scryptmail.com&#x2F;complete-tor-support&#x2F;</a>

If only ProtonMail could import old mail, I would be giving them money.

Has anyone thought of DNS for onion addresses?

Why the funny domain name? Is there any technical reason why they cant use protonmail.onion?