Tor Mail

Last updated
Tor Mail
Tor Mail screenshot.png
Screenshot of Tor Mail main page in April 2013
Type of site
Available in English
Users unknown
Current statusOffline (as of 10 August 2013)

Tor Mail was a Tor hidden service that went offline in August 2013 after an FBI raid on Freedom Hosting. The service allowed users to send and receive email anonymously, to email addresses inside and outside the Tor network.



Tor Mail provided web mail access with two webmail applications to choose from, one fully functional ajax-based, and one simple client which required no JavaScript or cookies. The user could also access mail via SMTP, POP3 or IMAP with an email client. The user signed up and accessed Tor Mail via the Tor hidden service and needed to have Tor software installed on a computer to access Tor hidden services. Users were not required to provide any identifying information such as their name or address.

Tor Mail's goal was to provide completely anonymous and private communications to anyone who needed it. [1] The service providers said that they were anonymous and could not be forced to reveal anything about a Tor Mail user. They also said that the service did not cooperate with anyone attempting to identify or censor a Tor Mail user.

Tor Mail's service consisted of several servers, the hidden service, and an incoming and outgoing internet facing mail servers. The site's operators said that the only data stored on the hard drive of those servers was the Exim mail server and the Tor software. "No emails, logs or personal data were stored on those servers, thus it doesn't matter if they are seized or shut down." They claimed to be prepared to quickly replace any relay that was taken offline. The service and SMTP/IMAP/POP3 were on a hidden server completely separate from the relays. The relays did not know the IP address of the hidden service.

2013 JavaScript attack

A message appeared on the Tor Mail main page in early August 2013, saying "Down for Maintenance Sorry, This server is currently offline for maintenance. Please try again in a few hours." Since August 2013, the service has been unavailable. The disappearance of Tor Mail has been linked to the arrest on child pornography charges of the alleged operator of Freedom Hosting, which hosted a large number of .onion sites. [2] In September 2013, the FBI admitted in a court filing in Dublin that it had taken down Freedom Hosting. [3]

The following month, details emerged of a zero-day JavaScript attack, which was injected into the Tor Browser Bundle based on Firefox ESR 17 if JavaScript was enabled as it was by default. JavaScript was turned off by default in updated versions of Tor Browser Bundle. However, this was used during the takedown, which was exploited to send users' IP addresses and Windows computer names to a server in Virginia. [3] [4] In January 2014 it was confirmed that FBI has access to Tor Mail servers. [5]

In January 2016, it was stated that innocent TorMail users may have also been hacked by the FBI. [6]

See also

Related Research Articles

Email Method of exchanging digital messages between people over a network

Electronic mail is a method of exchanging messages ("mail") between people using electronic devices. Email entered limited use in the 1960s, but users could only send to users of the same computer, and some early email systems required the author and the recipient to both be online simultaneously, similar to instant messaging. Ray Tomlinson is credited as the inventor of email; in 1971, he developed the first system able to send mail between users on different hosts across the ARPANET, using the @ sign to link the user name with a destination server. By the mid-1970s, this was the form recognized as email.

In computing, the Internet Message Access Protocol (IMAP) is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection. IMAP is defined by RFC 3501.

Within the Internet email system, a message transfer agent or mail transfer agent (MTA) or mail relay is software that transfers electronic mail messages from one computer to another using SMTP. The terms mail server, mail exchanger, and MX host are also used in some contexts.

The Simple Mail Transfer Protocol (SMTP) is a communication protocol for electronic mail transmission. As an Internet standard, SMTP was first defined in 1982 by RFC 821, and updated in 2008 by RFC 5321 to Extended SMTP additions, which is the protocol variety in widespread use today. Mail servers and other message transfer agents use SMTP to send and receive mail messages. SMTP servers commonly use the Transmission Control Protocol on port number 25.

Open mail relay

An open mail relay is a Simple Mail Transfer Protocol (SMTP) server configured in such a way that it allows anyone on the Internet to send e-mail through it, not just mail destined to or originating from known users. This used to be the default configuration in many mail servers; indeed, it was the way the Internet was initially set up, but open mail relays have become unpopular because of their exploitation by spammers and worms. Many relays were closed, or were placed on blacklists by other servers.

Email client

An email client, email reader or more formally mail user agent (MUA) is a computer program used to access and manage a user's email.

Webmail is an email service that can be accessed using a standard web browser. It contrasts with email service accessible through a specialised email client software. Examples of webmail providers are AOL Mail, Gmail, Mailfence,, Yahoo! Mail and IceWarp Mail Server. Additionally, many internet service providers provide webmail as part of their internet service package. Similarly, some web hosting providers also provide webmail as a part of their hosting package.


SquirrelMail is a project that aim to provides both a web-based email client and a proxy server for the IMAP protocol.

Roundcube is a web-based IMAP email client. Roundcube's most prominent feature is the pervasive use of Ajax technology. Roundcube is free and open-source software subject to the terms of the GNU General Public License (GPL), with exceptions for skins and plugins.

The Danger Hiptop and Danger Hiptop2 devices come with a variety of included software titles.

The following tables compare general and technical information for a number of notable webmail providers who offer a web interface in English.

The Courier Mail Server is a mail transfer agent (MTA) server that provides ESMTP, IMAP, POP3, SMAP, webmail, and mailing list services with individual components. It is best known for its IMAP server component.


hMailServer is a free email server for Windows created by Martin Knafve. It runs as a Windows service and includes administration tools for management and backup. It has support for IMAP, POP3, and SMTP email protocols. It can use external database engines such as MySQL, MS SQL or PostgreSQL, or an internal MS SQL Compact Edition engine to store configuration and index data. The actual email messages are stored on disk in a raw MIME format. It has active support and development forums.

A mailbox is the destination to which electronic mail messages are delivered. It is the equivalent of a letter box in the postal system.

Tor (anonymity network) Free and open-source anonymity network based on onion routing

Tor is free and open-source software for enabling anonymous communication by directing Internet traffic through a free, worldwide, volunteer overlay network consisting of more than seven thousand relays in order to conceal a user's location and usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult to trace the Internet activity to the user: this includes "visits to Web sites, online posts, instant messages, and other communication forms". Tor's intended use is to protect the personal privacy of its users, as well as their freedom and ability to conduct confidential communication by keeping their Internet activities unmonitored.

A mailbox provider, mail service provider or, somewhat improperly, email service provider is a provider of email hosting. It implements email servers to send, receive, accept, and store email for other organizations or end users, on their behalf.

Freedom Hosting is a defunct Tor specialist web hosting service that was established in 2008. At its height in August 2013, it was the largest Tor webhost.


SIGAINT was a Tor hidden service offering secure email services. According to its FAQ page, its web interface used SquirrelMail which does not rely on JavaScript. Passwords couldn't be recovered. Users received two addresses per inbox: one at for receiving clearnet emails and the other at its .onion address only for receiving emails sent from other Tor-enabled email services. Free accounts had 50 MB of storage space and expired after one year of inactivity. Upgraded accounts had access to POP3, IMAP, SMTP, larger size limits, full disk encryption, and never expired.

The JSON Meta Application Protocol (JMAP) is a set of related open Internet Standard protocols for handling email. JMAP is implemented using JSON APIs over HTTP and has been developed as an alternative to IMAP/SMTP and proprietary email APIs such as Gmail and Outlook. Additional protocols and data models being built on top of the core of JMAP for handling contacts and calendar synchronization are meant to be potential replacements for CardDAV and CalDAV, and other support is currently in the works.


  1. "Notice to Officials - Abuse Complaints".
  2. "Freedom Hosting arrest and takedown linked to Tor privacy compromise". August 5, 2013. Retrieved August 11, 2013.
  3. 1 2 Poulsen, Kevin. "FBI Admits It Controlled Tor Servers Behind Mass Malware Attack". Retrieved 2013-12-22.
  4. "FBI Malware Analysis". Gareth Owen. Archived from the original on 2014-04-17.
  5. Poulsen, Kevin (2013-07-22). "If You Used This Secure Webmail Site, the FBI Has Your Inbox | Threat Level". Retrieved 2014-01-28.
  6. Cox, Joseph (21 January 2016). "FBI May Have Hacked Innocent TorMail Users" . Retrieved 24 January 2016.