Must read: https://anonymousplanet-ng.org/guide.html
Discussion of OpSec, Threat Models, Protection, Assessment & Countermeasures.
Vendors, please use /d/vendor_handbook.
While the focus of this community's OpSec discussions may center around Dark Net (DN) activity, all members of this sub are encouraged to think about, discuss, and share ideas relating to OpSec that extend beyond the bounds of the DN.
by /u/Pygmalion Vendor Opsec · 13 votes · 1 month ago
Dear Community,
Let's build a list of recommended anonymous email providers.
They need to meet the following criteria:
1. Anonymous registration possible as a feature, not a hack.
2. Tor friendly
3. Fully functional connectivity with other providers
4. No javascript required
My personal picks:
Public:
protonmail.com:
Pro:
Under Swiss law.
Onion support
PGP support
Encrypted mailbox
Con:
Under Swiss law.
Requires some tech savvy to really use with full opsec.
Invite only:
infantile.us
Infantile is only for the best and brightest users of the DN. If you get one, it's a stamp of approval of your character and service.
Link: http://juvenilezskkwc2gu7j5c4akppjnr3kzlgljjeodd5psn6fwcnloplid.onion/
Run by /u/Kaizushi. 100% pirate. 100% awesome.
riseup.net
Pro:
Onion support
Can request tor bridges (only other provider is gmail)
US law (5th ammendment)
Really easy to use with full opsec.
Con:
US law
Please state your recommendations below.
Sincerely,
Pygmalion
/u/astrix · 5 votes · 1 month ago · Link
darknet mail exchange: dnmx.org
http://hxuzjtocnzvv5g2rtg2bhwkcbupmk7rclb6lly3fo4tvqkk5oyrv3nid.onion
/u/gencoch · 1 votes · 1 month ago · Link
Just my experience:
I have tried for two days to sign up for a dnmx account. No matter how many times I try I keep getting a CAPTCHA invalid message. I know damn well I ain't messing up the CAPTCHA.
No matter whether it's been DNMX, or Elude, or SquirrelMail - my experience with all these darknet email services is that they seem to suck when it comes to actual usability. Frustrating as fuck...
/u/astrix · 3 votes · 1 month ago · Link
FYI: The captcha for creating a dnmx account is case sensitive
/u/gencoch · 1 votes · 1 month ago · Link
I owe you bro!
/u/qualifiedrc2 · 1 votes · 1 month ago · Link
same ive been getting the captcha 100% CORRECT and still it wont work shit is soo frustrating. Eludes clock captcha is the worst one it would NOT let me through.
/u/We_Are_9000 Paranoia Level · 4 votes · 1 month ago · Link
Gmail
Yahoo Mail
Hot Mail
/u/FUDPolice P · 3 votes · 1 month ago · Link
Miss the old yahoo / hotmail days. Reset password by answering favourite movie.
Ok, what movies do they like on social media. Starwars? Bingo.
Next minute icloud backups remotely downloaded and devices wiped.
Easy as =)
/u/IamLegion · 1 votes · 1 month ago · Link
I remember yahoo/msn messenger would alt-tab you out of a game running on full screen if someone buzzed you so everybody kept spamming the buzz to piss people off
/u/kilo · 3 votes · 1 month ago · Link
cock.li will forever be best, for providing emails such as @420blaze.it and @cocaine.ninja. They also provide some that are highly offensive, which I don't agree with, such as @nuke.africa and @nigge.rs, but I can live with those ones existing if it means I get to keep my @420blaze.it and @cocaine.ninja. Some others that come to mind are @cumallover.me emails.
They went invite-only recently so now it's rare for newcomers to get themselves one.
/u/floatingzero · 1 votes · 1 month ago · Link
That's free speech for you: you take the rough with the smooth. You have the right attitude towards it.
/u/LydiaRQ · 3 votes · 1 month ago · Link
"In their ToS they say they collaborate with LE, but still worth a mention simply because they are awesome folks."
I agree. Rise Up is LE-level phishing but no biggie. I've met some awesome folks in prison as well. They will feed and take care of you there so it's okay because what's important is to be around awesome folks.
/u/Pygmalion Vendor Opsec
· 1 votes
· 1 month ago
· Link
Dread is also a federal honey pot. Everything is a honey pot.
Your opsec assumes that, right?
/u/LydiaRQ · 1 votes · 1 month ago · Link
Indeed. Don't know how much LE activity there is here, yet one opsec necesity is always to use PGP. Many do not for some reason be it lazy or otherwise.
/u/kaizushi +1 all my content. · 2 votes · 1 month ago · Link
Infantile.us as a clearweb site is just an introductory point to Tor in general. The hidden service that would be relevant in your post here /u/Pygmalion is...
http://juvenilezskkwc2gu7j5c4akppjnr3kzlgljjeodd5psn6fwcnloplid.onion/
It has my contact details at the bottom of the page. Also I don't just accept anyone as my customer and intend only to sell services to the darkweb's best and brightest. You need to be someone with a history of activity, good character, and such to get an account and your listing here should point that out.
/u/Foo9eeng · 1 votes · 1 month ago · Link
your service is not an email provider
hence, why you post?
/u/Pygmalion Vendor Opsec
· 1 votes
· 1 month ago
· Link
Corrected, thank you. Please let me know if you want me to add anything.
/u/pharoah P · 1 votes · 1 month ago · Link
Cheers!
/u/OhLongJohnson · 1 votes · 1 month ago · Link
And what about elude.in?
/u/Pygmalion Vendor Opsec
· 1 votes
· 1 month ago
· Link
Lots of connectivity issues.
/u/OhLongJohnson · 1 votes · 1 month ago · Link
Yeah, it is more offline than working, but in security how it is?
/u/Pygmalion Vendor Opsec
· 2 votes
· 1 month ago
· Link
I don't know. Any claims about security are just marketing lies.
They were never hacked to my knowledge, so there is that.
/u/nagoya · 1 votes · 1 month ago · Link
Invite only: cock.li
/u/Sciencier · 1 votes · 1 month ago · Link
Can somebody send me an invite link?
/u/HeadJanitor Moderator · 1 votes · 1 month ago · Link
(private: spelling error)
/u/HeadJanitor Moderator · 1 votes · 1 month ago · Link
Cock.li
_______________
Website: rurcblzhmdk22kttfkel2zduhyu3r6to7knyc7wiorzrx5gw4c3lftad.onion
Mail: xdkriz6cn2avvcr2vks5lvvtmfojz2ohjzj4fhyuka55mvljeso2ztqd.onion
/u/HeadJanitor Moderator · 1 votes · 1 month ago · Link
͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏
/u/Epigram P · 3 votes · 3 weeks ago · Link
.ws? no
/u/HeadJanitor Moderator · 1 votes · 1 month ago · Link
https://www.torbox.ch/
______________________________
TorBox supports OBFS4, Meek-Azure and Snowflake bridges, which help to overcome censorship (with an easy to use interface).
/u/HeadJanitor Moderator · 1 votes · 1 month ago · Link
SecretMail
___________
http://2nxpboa3ya52j5au4gxwkdt4nxoh5g4y4f3tuqedlza46y35jmv6doid.onion/
/u/Lambogucci · 1 votes · 1 week ago · Link
When I registered there was no place to input a password. Now when I try to login it asks for a password. the registration was a success because I got a page that listed a bunch of dtails about my email adress and various thinks like SMTP server, pop3 ect.
/u/HeadJanitor Moderator · 1 votes · 1 week ago · Link
I see what you mean. I guess the "Voucher code" would be it. If you want private email, message me and I'll send you details on what to do.
/u/Eludedowntime · 1 votes · 1 month ago · Link
Tried Sector, it did not receive a single email.
/u/socat2me · 1 votes · 1 month ago · Link
Same here, never received any mail.
/u/gencoch · 1 votes · 1 month ago · Link
SquirrelMail just allowed me to create two email accounts with the very same user name.
I only tried a second time because I was curious to see if the first effort took. After supposedly successfully creating the account, abd receiving a message I could log in, I tried to do so but could not.
So I decided to try and once again register an account. I used the same exact user name and changed the password. I received the notification that I had successfully registered, and could try to log in. I tried but I could not.
That's gonna be the extent of my effort with SquirrelMail. That the same user name could be registered twice is sufficiently concerning to me to consider that email service to risky.
/u/HeadJanitor Moderator · 1 votes · 1 month ago · Link
hobe onion mail
_______________________
http://ovhcd6qhuz22bid42pw7unwfqf7i55rghb5x62q4kxchjnk2gz2ot6id.onion/register.html
/u/HeadJanitor Moderator · 1 votes · 1 month ago · Link
hidden mail onion server
__________________________
http://5nm4mdhzyfbif6i5qv3kh4i7j2trlbuvujsencsqn55opaa3d6qhfcqd.onion/register.html
/u/HeadJanitor Moderator · 1 votes · 1 month ago · Link
dozaru onion mail server
_________________________
http://eot3almpracnkz7gz3r5yr3qaymngqsrmvbica2shw5zuc52az2gxoqd.onion/info.html
/u/floatingzero · 1 votes · 1 month ago · Link
>riseup.net
>In their ToS they say they collaborate with LE, but still worth a mention simply because they are awesome folks.
Kek. Not only are those Marxists not "awesome folks" but the fact that they cooperate with LE is fucking hilarious. Nice autonomous anarchist community you've got there, lads. I'm glad I let my account expire.
Anyway, what's wrong with the classic clearnet providers like Proton and Tutanota? I mean, I'm sure there's something wrong with them - they're too big not to have been tapped up - but IDK what it is specifically.
/u/strace P · 1 votes · 2 weeks ago · Link
Tutanota UI sucks big time.
/u/fanin12of7 · 1 votes · 1 month ago · Link
I personally use tutanota and onionmail as my work emails
onionmail - http://pflujznptk5lmuf6xwadfqy6nffykdvahfbljh7liljailjbxrgvhfid.onion
hope this helped ^^
12of7
/u/DRUGZRUS P · 1 votes · 1 month ago · Link
I haven't seen ProtonMail listed. Anything against them?
Clean isolated OS or VM > VPN > TOR Browser > https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion/
/u/ioioio · 1 votes · 1 month ago · Link
some of:
JS is forced, JS is not OpSec friendly.
some say they proton co-operate with others more easy thank they thinks
/u/DRUGZRUS P · 1 votes · 1 month ago · Link
Thanks. Yea I know about the JS part. Using Qubes and Whonix with disposable VM or hardened dedicated VM that only accesses ProtonMail seems good. I like that their systems have gone through several third party audits and passed.
Only cooperation with LE that I recall reading about was for a terrorist suspect and even with that the only thing they were able to provide was the IP address. So if accessing over VPN and TOR seems sufficient for good OPSEC.
/u/ioioio · 1 votes · 1 month ago · Link
you may be right and thats good idea hardended system
i was told other things by trusted sources
i don't say yes or no on this
/u/DRUGZRUS P · 1 votes · 1 month ago · Link
Yea I'm definitely not claiming to be an expert on that but it seems reasonably secure for that specific use case
/u/ioioio · 1 votes · 1 month ago · Link
[removed]
/u/Pygmalion Vendor Opsec
· 1 votes
· 1 month ago
· Link
I'll put 'em on there with the stuff you need to know.
/u/DRUGZRUS P · 1 votes · 1 month ago · Link
Cool thanks!
/u/vekocy · 1 votes · 1 month ago · Link
DNMX.org - No CSS, Plain jane ugly web based email.
/u/VHODave · 1 votes · 3 weeks ago · Link
I'll say it again, if you're going to use protonmail, only use their onion.
/u/[deleted] · 1 votes · 2 weeks ago · Link
[removed]
/u/Pygmalion Vendor Opsec
· 1 votes
· 2 weeks ago
· Link
Email is decentralized communication. You can host your own email service if you want.
You can encrypt all emails with PGP.
There is nothing wrong with email from security perspective.
/u/[deleted] · 1 votes · 2 weeks ago · Link
[removed]
/u/Vendors_Little_Helper · 1 votes · 2 weeks ago · Link
Elude.in
eludemailxhnqzfmxehy3bk5guyhlxbunfyhkcksv4gvx6d3wcf6smad.onion
Danwin1210.de
danielas3rtn54uwmofdo3x2bsdifr47huasnmbgqzfrec5ubupvtpid.onion
Mail2Tor.com
mail2torjgmxgexntbrmhvgluavhj7ouul5yar6ylbvjkxwqf6ixkwyd.onion
BlackHost.xyz
https://blackhost7pws76u6vohksdahnm6adf7riukgcmahrwt43wv2drvyxid.onion/webmail/
DNMX.org
hxuzjtocnzvv5g2rtg2bhwkcbupmk7rclb6lly3fo4tvqkk5oyrv3nid.onion
ProtonMail.com = requires Javascript and payment or sms verification
https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion
https://en.onionmail.info/what.html = POP3 only
vzoc4aylgsqwexe6okjbz2ix5atgdv5xyibnkcekmtg4u23syz6a7rid.onion/
Systemli.org
7sk2kov2xwx6cbc32phynrifegg6pklmzs7luwcggtzrnlsolxxuyfyd.onion
https://asapmail.me = requires Javascript
asapmsp2nsqiyufpnw5bziguahdpxbpyc6jbiss35wgca6ka434w27ad.onion
https://onionmail.org = requires Javascript
pflujznptk5lmuf6xwadfqy6nffykdvahfbljh7liljailjbxrgvhfid.onion
https://cock.li = requires Javascript and invites
rurcblzhmdk22kttfkel2zduhyu3r6to7knyc7wiorzrx5gw4c3lftad.onion
xdkriz6cn2avvcr2vks5lvvtmfojz2ohjzj4fhyuka55mvljeso2ztqd.onion
RiseUp.net = requires Javascript and invites
5gdvpfoh6kb2iqbizb37lzk2ddzrwa47m6rpdueg2m656fovmbhoptqd.onion vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion
https://volatile.bz/registration.xht
u45ylsmarbsqs6brxp3aq2wvksrpajkp23vvvxaejsg63w2fx6oap3ad.onion/mail.xht
https://CS.email = disposable email, no replies
csmail3thcskmzvjicww3qdkvrhb6pb5s7zjqtb3gdst6guby2stsiqd.onion
TorBox
torbox36ijlcevujx7mjb4oiusvwgvmue7jfn2cvutwa6kl6to3uyqad.onion
/u/LargesTuition · 0 votes · 2 weeks ago · Link
why is proton mail always recommended when is requires JS to be enabled?