|
Home > Archive > Anonymous Servers > May 2005 > Attn: Banana Admin
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Attn: Banana Admin
|
|
| herehere@aussiemail.com.au 2005-05-01, 5:48 pm |
| Hello,
I have read your TLS page and the no.reply TLS remailer page and I have
a few questions for you regarding Stunnel and the stunnel.conf file
(a.k.a. banana-smtp.cfg).
I use QuickSilver, Tor and Privoxy along with Stunnel...Hopefully ;-)
Could you please look over my Stunnel.conf file and let me know what
you think.
Also, I have a few questions I posted at the bottom; thanks!
Here is my Stunnel.conf file:
debug = 7
output = log.txt
client = yes
options = all
RNDbytes = 1024
RNDfile = random.bfa
RNDoverwrite = yes
ciphers =+DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:DES-CBC3-SHA
[nntps]
accept = 119
connect = secure.news.easynews.com:563
delay = no
[PANTA_SMTP]
protocol = smtp
accept = 2526
connect = www.panta-rhei.dyndns.org:465
delay = no
#[BANANA_SMTP]
#protocol = smtp
#accept = 2527
#connect = mail.bananasplit.info:2525
#delay = no
#[DINGO_SMTP]
#protocol = smtp
#accept = 2528
#connect = dingoremailer.com:2525
#delay = no
#[BANANA_NNTPS_563_SECURE_NEWS_FEED]
#accept = 119
#connect = tyrndfbdb2x6g3vg.onion:563
#delay = no
#[BANANA_SPLIT_25_SECURE_EMAIL]
#accept = 25
#connect = tyrndfbdb2x6g3vg.onion:25
#delay = no
#[POP@HOTPOP.COM]
#accept = 25
#connect = pop.hotpop.com:110
#delay = no
1. What does this paramiter do and what effect does it have on stunnel?
ciphers =+DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:DES-CBC3-SHA
2. Which of these paramiters should I use:
RNDbytes = 1024
RNDfile = random.bfa
OR
RNDbytes = 2048
RNDfile = bananarand.bin
3. How do I use these services of yours (I have QS/Tor/Privoxy) and
can I post with them?
#[BANANA_NNTPS_563_SECURE_NEWS_FEED]
#accept = 119
#connect = tyrndfbdb2x6g3vg.onion:563
#delay = no
#[BANANA_SPLIT_25_SECURE_EMAIL]
#accept = 25
#connect = tyrndfbdb2x6g3vg.onion:25
#delay = no
4. Do you know how to setup QS > Stunnel(via.FreeCap) > Tor >
Email/Usent?
I have tired for a few days to get the above rout to work without much
luck. Everytime I try to send config messages or mail w/Stunnel I get
the error message (not verbatum) "can't connect to service as there's
too many services running".
Thanks alot
| |
|
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 28 Apr 2005 15:54:12 -0700, herehere@aussiemail.com.au wrote in
Message-Id: <1114728852.045822.128020@z14g2000cwz.googlegroups.com>:
> Hello,
>
> I have read your TLS page and the no.reply TLS remailer page and I have
> a few questions for you regarding Stunnel and the stunnel.conf file
> (a.k.a. banana-smtp.cfg).
>
> I use QuickSilver, Tor and Privoxy along with Stunnel...Hopefully ;-)
>
> Could you please look over my Stunnel.conf file and let me know what
> you think.
>
> Also, I have a few questions I posted at the bottom; thanks!
>
> Here is my Stunnel.conf file:
>
> debug = 7
> output = log.txt
> client = yes
> options = all
> RNDbytes = 1024
> RNDfile = random.bfa
> RNDoverwrite = yes
> ciphers =+DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:DES-CBC3-SHA
>
>
> [nntps]
> accept = 119
> connect = secure.news.easynews.com:563
> delay = no
>
> [PANTA_SMTP]
> protocol = smtp
> accept = 2526
> connect = www.panta-rhei.dyndns.org:465
> delay = no
>
> #[BANANA_SMTP]
> #protocol = smtp
> #accept = 2527
> #connect = mail.bananasplit.info:2525
> #delay = no
>
> #[DINGO_SMTP]
> #protocol = smtp
> #accept = 2528
> #connect = dingoremailer.com:2525
> #delay = no
>
> #[BANANA_NNTPS_563_SECURE_NEWS_FEED]
> #accept = 119
> #connect = tyrndfbdb2x6g3vg.onion:563
> #delay = no
>
> #[BANANA_SPLIT_25_SECURE_EMAIL]
> #accept = 25
> #connect = tyrndfbdb2x6g3vg.onion:25
> #delay = no
>
> #[POP@HOTPOP.COM]
> #accept = 25
> #connect = pop.hotpop.com:110
> #delay = no
>
>
> 1. What does this paramiter do and what effect does it have on stunnel?
>
> ciphers =+DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:DES-CBC3-SHA
This parameter instructs STunnel that it can only use one of these
ciphers to make the connection. If none of these are supported by the
server, then the connection is dropped. My advice would be to drop it
and allow the client and server to negotiate the best cipher.
> 2. Which of these paramiters should I use:
>
> RNDbytes = 1024
> RNDfile = random.bfa
>
> OR
>
> RNDbytes = 2048
> RNDfile = bananarand.bin
Both are correct, depending on other influences. RNDbytes defines how
many bytes of data to read from the defined seed file (RNDfile).
You can use a command such as:
openssl rand -out bananarand.bin 2048
to generate a random seed file. Obviously in this example, the
bananarand.bin becomes the name to use in RNDfile.
> 3. How do I use these services of yours (I have QS/Tor/Privoxy) and
> can I post with them?
>
> #[BANANA_NNTPS_563_SECURE_NEWS_FEED]
> #accept = 119
> #connect = tyrndfbdb2x6g3vg.onion:563
> #delay = no
>
> #[BANANA_SPLIT_25_SECURE_EMAIL]
> #accept = 25
> #connect = tyrndfbdb2x6g3vg.onion:25
> #delay = no
Here's a couple of previous postings on this topic:
http://groups.google.co.uk/groups?s...o&output=gplain
http://groups.google.co.uk/groups?s...o&output=gplain
> 4. Do you know how to setup QS > Stunnel(via.FreeCap) > Tor >
> Email/Usent?
Afraid I'm not familier with FreeCap, so I can't give any advice on that
front. The above articles may be of use in helping you getting it
running.
> I have tired for a few days to get the above rout to work without much
> luck. Everytime I try to send config messages or mail w/Stunnel I get
> the error message (not verbatum) "can't connect to service as there's
> too many services running".
Not an error message I've seen before, perhaps somebody else can offer
some insight into the cause?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
iQEVAwUBQnFz0WoLu9HNUqmMAQr2tQf7BmFJQVsY
vwF5hH1tVYlUoWC1FxDl6W7w
9BVgw3ZWN1NjYWpcnaDywPKklx36o7wawNCzTMwr
SFzoenDJUdmm11g8CkjkV9vh
2HR1EPWVB3+ZcTNmu0Q0AvQbDfCHaUC9QhaZQFsd
wXZYLA4w2s6Q3Xixvj59fx24
N0LkfbRyCiuD0A86sBsEWsbpDv2MnolHb3ZqcTc8
BaYJViIe26NHrdKDXlNkOH0u
JP8NQxF3HPtT3P5NEG18kGARXcKkeA9jynXsQRp3
rgh0lJIQvzO0hMsE6BdO7REN
yt2Kg7TK0oquIC54zrUuNaJg4ru6t3KXvLp9mmyj
9I2O/lFJ6mKlxA==
=e9LH
-----END PGP SIGNATURE-----
--
pub 1024D/8ED57743 2003-07-08 Bananasplit Operator
Key fingerprint = 796F 67E0 E890 A0BB BDAE EBB4 94A6 7A09 8ED5 7743
uid Admin <admin.bananasplit.info>
| |
| Anonymous 2005-05-01, 5:48 pm |
| In article <1114728852.045822.128020@z14g2000cwz.googlegroups.com>
herehere@aussiemail.com.au wrote:
>
> Hello,
>
> I have read your TLS page and the no.reply TLS remailer page and I have
> a few questions for you regarding Stunnel and the stunnel.conf file
> (a.k.a. banana-smtp.cfg).
>
> I use QuickSilver, Tor and Privoxy along with Stunnel...Hopefully ;-)
<Big Snip>
You don't want Privoxy with QS.
| |
| Thomas J. Boschloo 2005-05-01, 5:48 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
Anonymous wrote:
> In article <1114728852.045822.128020@z14g2000cwz.googlegroups.com>
> herehere@aussiemail.com.au wrote:
>
>
>
> <Big Snip>
>
> You don't want Privoxy with QS.
I am not sure about this. The stats and keyrings you will retrieve in QS
have http:// prepended. And you /can/ set a proxy for your stats in QS
(1.2.6b2), so why not use Privoxy with QS for getting your stats? It
couldn't hurt much IMHO.. In fact, I think there is no other way to
retrieve stats anonymously with any windows remailer client! Might in
fact be an idea for the stats generators to have them available as a
hidden tor node!!
- From the QS help file:
/////
Http Web Proxy
When updating remailer documents, QuickSilver uses the HTTP protocol.
This is the same protocol your web browser uses when you are surfing the
World Wide Web. Some users will be required by the configuration of the
network they connect through, to use a proxy server for HTTP access.
Others may choose to use a proxy to increase their anonymity during
document updates.
What is a proxy? Generally they are used to provide some protection
against system hackers. Instead of each user's computer connecting
directly to the Internet, all users access through the same proxy host.
This means hackers have only a single host to gain access through,
instead of many computers of widely varying levels of security
implemented. In addition, a proxy can provide some cover when
downloading required remailer documents. This is achieved because access
through a proxy makes it appear the doc request is coming from the
proxy, not yourself.
You may not need to use this proxy section at all, or you may need enter
only a single field or two. If you aren't sure, ask your System
Administrator for the info require by your system.
/////
regs,
Thomas
- --
"Nothing is true. Everything is permitted" - W.S. Burroughs, Naked Lunch
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iQB5AwUBQnI+dQEP2l8iXKAJAQFd0gMdHYHl+A9K
OUQNo0wbNuk2fhnNh0lJuXY6
ZdIQ3npYdoSUsMz1drICTqKjlvWwyW4bCuc4nVCv
u3Xief/HfhF0sOCs4xpWxCy+
FFefKSEpTt0np9wRW0UZsixpUUl64beCdsr7vw==
=W8i5
-----END PGP SIGNATURE-----
|
|
|
|
|