Mirror of the Rel4tion website/wiki source, view at <http://rel4tion.org>

Clone

HTTPS: git clone https://vervis.peers.community/repos/yEzqv

SSH: git clone USERNAME@vervis.peers.community:yEzqv

Branches

• master

Tags

claws.mdwn

Claws Mail Configuration

According to the MUA (Mail User Agent) comparison written by postman, Claws is the best when it comes to privacy and anonymity. Thunderbird is quite close, but Claws also has the advantage of being very lightweight, thus suitable for systems which struggle a bit with Thunderbird, or if you just don’t need all the power of Thunderbird and want to simple clean e-mail interface.

Postman roughtly mentions the settings which need to be changed, but the exact configuration is not specified. Since it was a bit difficult for me to do all the necessary steps and things didn’t work out of the box, I decided to publish my Claws configuration so you can use it and enjoy Claws without the trouble.

The configuration was used with Claws 3.8.1-2, the same version provided by the Debian 7 stable package. You can install clawsker if you want access to more configuration options, but none of what clawsker edits is relevant to anonymity.

If you have problems, it may be caused by client tunnnel configuration. Configure the tunnels as explained on postman’s website and telnet to them following the examples. If it succeeds, the problem is probably in Claws’ configuration.

Assume the pseudonym of the user is Alice. Settings which prevent Claws from sending sensitive data (such as the local hostname, username, platform, local time, etc.) are written in bold font. Make sure you at least go over all the bold parts and adapt your configuration.

Account Settings

• name of account: alice@mail.i2p

Basic

• Full name: alice
• Mail address: alice@mail.i2p
• Organization: (doesn’t matter, but free people have none/mankind/earth)
• Receiving protocol: POP3
• Server for receiving: 127.0.0.1
• Server for sending: 127.0.0.1
• User ID: alice
• Password: (your password)

Receive

• Secure auth (APOP): No
• Remove messages from server: (be nice and delete Immediately if you can)
• Receive size limit: (unless you have space issues, No)

Send

• Generate Message-ID: No
• Send account mail address in Message-ID: No
• Generate X-Mailer header: No
• Add user-defined header: No (otherwise, make sure your headers don’t contain sensitive data)
• SMTP authentication: Yes
• Authentication method: Automatic
• User ID: (blank)
• Password: (blank)
• Authenticate with POP3 before sending: No

Compose

• Signature: (Use anything you wish, but make sure it doesn’t leak private data, e.g. your real name)

Privacy

• Default privacy system: PGP MIME (for this to work I installed the pgp-core and pgp-mime plugins)

• Always sign messages: Yes (this allows recipients to be confident the message really came from you)

• Always encrypt messages: Yes (you can choose to not encrypt an individual message if the recipient has no key)

• Always sign messages when replying to a signed message: Yes

• Always encrypt messages when replying to an encrypted message: Yes

• Encrypt sent messages with your own key in addition to recipient’s: Yes

SSL

• POP3: Don’t use SSL
• Send (SMTP): Don’t use SSL

Advanced

• SMTP port: 7659
• POP3 port: 7660
• Domain name: alice

Preferences

Compose -> Templates

• Make sure the templates don’t contain text in your local language, unless you don’t mind people know where you are from

• Make sure local time and date formats and local time are not used, e.g. replace all the %d in the default templates with %D{%F} or remove them completely. %D{%F} is the date in ISO format, which avoids disclosing the locale’s format. However, close to midnight the date does disclose some information because it is the local date. Another option is to keep the %d but run Claws with the C locale, i.e. no localization is done:

  $ export LC_ALL=C $ claws-mail

You can make it easier by defining a BASH alias for claws-mail and creating a .desktop file (copy the original Claws .desktop file, and change the ‘exec’ field to point to a script which begins with #!/bin/sh and then the two lines above).

Other -> Miscellaneous

• I2P may sometimes be slow or unstable, so you may want to raise the Socket I/O timeout to a higher value as needed.

References