Opened 23 months ago

Closed 5 weeks ago

#20618 closed defect (not a bug)

GetTor does not return download links when using Protonmail.com

Reported by: gaj Owned by: ilv
Priority: Medium Milestone:
Component: Applications/GetTor Version:
Severity: Normal Keywords: GetTor, download links, protonmail
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Using GetTor to get download links for TorBrowser works fine when using email (web)clients like gmail.com, yahoo.com, outlook.com (and presumably others).
However, using protonmail.com, GetTor does not return the download links, but instead replies with a 'help' message:

Hi! This is the GetTor robot. I am here to help you download the
latest version of Tor Browser.

Please reply to this message with one of the options below:

android
windows
linux
osx
mirrors

I will then send you the download instructions.

If you are unsure, just send a blank reply to this message.

Either replying with a blank message or mentioning any of the options (windows, linux, etc) returns the exact same 'help' message from GetTor, but no download links.

Child Tickets

Change History (13)

comment:1 Changed 23 months ago by gaj

Component: - Select a componentApplications/GetTor
Owner: set to ilv

comment:2 Changed 23 months ago by ilv

Status: newneeds_information

Hello gaj, thanks for reporting this. It's odd, we don't filter providers. Can you provide a sample of the email that you are sending to gettor? It will be useful to have the raw email (with no private information, of course).

comment:3 Changed 23 months ago by arma

I talked to a similar (maybe the same) person on irc, and one theory there was that protonmail was html-ifying its outgoing mail in a way that confused gettor.

comment:4 in reply to:  2 Changed 23 months ago by gaj

Replying to ilv:

Hello gaj, thanks for reporting this. It's odd, we don't filter providers. Can you provide a sample of the email that you are sending to gettor? It will be useful to have the raw email (with no private information, of course).

Hi ilv, below the message I sent to gettor (I renamed my mailaddress to gaj@…). Hope this helps, if you need additional info, just let me know.

Header:

Message-Id: <YfnDx7SVrYr_a57rkM7YZMickZUi3IW61If5GhAC79vhJVw-qQrTLDzOhE1g5OPMbOXNdn47Bcn3MtlL0XhSzz9ftJrL6AnWxZFgYUhkQB8=@protonmail.com>
From: gaj <gaj@protonmail.com>
To: gettor@torproject.org <gettor@torproject.org>
Cc: 
Subject: (No Subject)
Date: Thu, 10 Nov 2016 00:56:19 -0500
Mime-Version: 1.0
Return-Path: <gaj@protonmail.com>
Received: from mail.protonmail.ch by mail.protonmail.ch; Thu, 10 Nov 2016 00:56:19 -0500
X-Original-To: gaj@protonmail.com


-----BEGIN PGP MESSAGE-----
Version: OpenPGP.js v1.2.0
Comment: http://openpgpjs.org

wcBMAxaaB7M35NQNAQf/es/JBqmQsWsRHd6rzvU2Ic8qvNlfQWCONHpKkH1p
hbGRz7R0JMMRxQgCufese7tBa18rxJH512ks52VeiGer+UbCRDA4wPWC47bQ
XEC8ccxWEctBvqW5SNOWvJtNdhLaZZ67MpHyVlG+nWPrEkJl1KwNdhG9gDQz
bJgldla8ytO+aXEvu3eejql1PvLvX9Vt2JG4P84MTKOWxCEKslyDowMdPnwQ
87RKMczp7H184m1HceLFNDiAGmOxrxvk7mPH/lTfs0UEqxtrd6wtLDKBtcVU
FLuwn2hsPUoook3g57HLzIjI6b9XGjkp1M7xK1N/k/0L0vYoZwI9AJor5ZVM
GtLBCQELs60QTDrYCVeJ6jtKL6U/uu3vTLLSlK0zACcdufwxNa33Uf+7M9o7
JCV9AFFGUVVoIDUJAdipv8ZrcjYmDG3WtObIpXe8lxVlnz8a6PgExu8U1zdH
bLmBywsMovZT4N6rG0xYqNFFwNY7ZoMeIetIJACaCXmfExPsHhdFkphDQn8N
ZhS7XAqPgTPCbWq4NcdzehiSYYchq62GrilxWLmFAfLlagMDUDNonCWiRsac
63mKVd/3wc1LYg54y9tgBYBsBuBYCKDycxMbU9YAiZ7yzGmzvt/1x4Majrao
C6RtBkkImsl/C+zSz7t4DtHiXeAIWvmDHFgzsXxBFAGAlHMmrv+r7DMLWhSi
DQZXCP1lj0ZwPUWmF1OF4DVA+SFcC7yAZYmuH7HNTeNDzucg2J2lS9kSbTU4
3fwkrVktmn3CsSL6wXZXcsyb556mGOphOVLba1psiJM0c/VO02bLS6aQDFva
8sJSEU9tgsgqFPbwnCgLwAPKTF70BZRH16gbxWCbmbAOd5YrKWplhD/6hAu8
n52RsnUnp6ZO+Y2Em+T9hziqwWLpeaeuXK1Na4l36J545vmzpSjoTU6MOV8v
JsbPGagvhEob4tk=
=TGrn
-----END PGP MESSAGE-----

Message source:

<div>linux<br></div><div class="protonmail_signature_block-empty"><br></div><div class="protonmail_signature_block protonmail_signature_block-empty"><div class="protonmail_signature_block-user protonmail_signature_block-empty"><div><br></div></div><div class="protonmail_signature_block-proton protonmail_signature_block-empty"><br></div></div><div class="protonmail_signature_block-empty"><br></div>
Last edited 23 months ago by arma (previous) (diff)

comment:5 Changed 23 months ago by arma

Ah ha. It looks like you're sending a pgp encrypted mail to gettor, encrypted to the key 169A07B337E4D40D. What key is that? And in any case, if gettor is looking for a keyword in the mail it receives, and it instead receives a pgp block, that would explain why it doesn't know what's inside it.

comment:6 Changed 23 months ago by ilv

Resolution: not a bug
Status: needs_informationclosed

In deed, gettor doesn't handle mails with encrypted content. In the past, people have mentioned that it could be useful to parse the mail subject as well, which could help in cases like these. Anyways, the solution here is to avoid sending encrypted mails to gettor (I haven't used protonmail, may be it does if by default?).

comment:7 in reply to:  6 ; Changed 23 months ago by gaj

Replying to ilv:

In deed, gettor doesn't handle mails with encrypted content. In the past, people have mentioned that it could be useful to parse the mail subject as well, which could help in cases like these. Anyways, the solution here is to avoid sending encrypted mails to gettor (I haven't used protonmail, may be it does if by default?).

ProtonMail does use the encryption key in the message header by default, and this setting can not be changed. As far as I understand, this key is always present, and messages to other (non ProtonMail) servers are encrypted using TLS 'if the non-ProtonMail mail server supports it' (see https://protonmail.com/support/knowledge-base/what-is-encrypted/)
I don't know if/how TLS is handled by GetTor?

As ProtonMail does not encrypt the message subject, parsing this line in GetTor would indeed solve the issue, as you suggested. Maybe this can be implemented?

After all, TorBrowser and ProtonMail both share similar ideals: privacy and anonymity, and in my opinion, it would be nice if these two parties would work together without a hassle for users.

comment:8 in reply to:  7 ; Changed 23 months ago by arma

Replying to gaj:

ProtonMail does use the encryption key in the message header by default, and this setting can not be changed. As far as I understand, this key is always present, and messages to other (non ProtonMail) servers are encrypted using TLS 'if the non-ProtonMail mail server supports it' (see https://protonmail.com/support/knowledge-base/what-is-encrypted/)
I don't know if/how TLS is handled by GetTor?

TLS is fine and normal. TLS would mean using link encryption, when supported, between the protonmail server and whatever mailserver it's delivering the mail to. Yay link encryption.

But what's happening here is that protonmail is encrypting the email message to some gpg key. How is it picking the key? It looks to me like a surprising and broken design -- like protonmail is just picking a key at random from the internet and making its mail unreadable to anybody who doesn't have the corresponding private key. How do they expect that to work?

comment:9 in reply to:  8 Changed 22 months ago by gaj

Replying to arma:

Replying to gaj:

ProtonMail does use the encryption key in the message header by default, and this setting can not be changed. As far as I understand, this key is always present, and messages to other (non ProtonMail) servers are encrypted using TLS 'if the non-ProtonMail? mail server supports it' (see https://protonmail.com/support/knowledge-base/what-is-encrypted/)
I don't know if/how TLS is handled by GetTor?

TLS is fine and normal. TLS would mean using link encryption, when supported, between the protonmail server and whatever mailserver it's delivering the mail to. Yay link encryption.

But what's happening here is that protonmail is encrypting the email message to some gpg key. How is it picking the key? It looks to me like a surprising and broken design -- like protonmail is just picking a key at random from the internet and making its mail unreadable to anybody who doesn't have the corresponding private key. How do they expect that to work?

Sorry, I am not a developer/designer @ProtonMail, only a user, so I can not explain the rationale behind the key in the header as displayed in ProtonMail. 

But I became curious as to how other mailservers react to this, so I run a little experiment: I have sent a similar message (no subject, body only contains the word 'linux') to a number of e-mailaddresses that I use, including Outlook.com, Yahoo.com, YOPmail.com (disposable e-mail), and online.nl.

All mailservers handled the message well, I could read it in every singel account. Because I wondered about the encryption and the key in the header, I looked into the 'raw' message (described as 'source', 'original text', or in the header, depending on which option was provided. To my surprise, I did not find the explicitly indicated PGP section (as seen in ProtonMail, see comment 4 of this thread) on any of the headers or raw messages(?!?).

However, the body text ('linux') of the message is not present in the 'raw' message either. I can only guess what happens (I am not a mail/encryption expert), but below I will post two of the 'raw' / 'source' messages (I have removed the original e-mail addresses and replaced these with gaj@*.*), for 'Yahoo.com' and 'webmail.online.nl', and the headers as shown by YOPmail:


1) Yahoo.com

X-Apparently-To: gaj@yahoo.com; Thu, 17 Nov 2016 09:02:08 +0000
Return-Path: <gaj@protonmail.com>
Received-SPF: pass (domain of protonmail.com designates 185.70.40.27 as permitted sender)
X-YMailISG: fZZMqacWLDtpPxkrw_PJ1F_705oX0vwokLJSl6.pAlCsN_Mc
 MgTj9IzuxsNBmDuForH_W_W8TnxkBERivdrc.M4ABbwhT9eKOA5o3R_pEITj
 OXOc17PmRT4O0bHzfHSZ6r5iBKLqDGgHHo0Wwx35rXMoWo.qKRLZCpIUPS9r
 H0BA5bxk_9chuO4mRB19oV6ibtQvaJ9cXiaWMOWdc6JoMUiWOnzlvULgLp0I
 UmN3J.PcFQ9X0ygqDVx.zZwf1cxOJWs6STZsmFntE6C29TWQgWDVT2Yq2kMQ
 xQ19f2asdSu4Vex0c7yt8xVuIA6a2hmjEgelBJ6MGsZ5tDVF85fK8ja496UI
 ODjXSj2OYJZl5Kjvl4nJXZgyxiHutv6ixXE06JYRY4sS5DaZ6IfHPczRNiOE
 HfFSM8om1K_YZDjuu8vp9w9wxLv96pkqGaZJEmHaxaYfwPcwee9NxBcIJvNx
 PDZjcYOG8sPCc5VNZfJBNLcV6LT3bgzknx.D4ZtYCL.eXH__IeGucxy8OUSM
 VCR9E.1nPcmg7xPlT0qDTxhMYX1XTLDWVHEmcMtL0R242eeEU3DB7hTdXwaH
 zYAJ7eK.NZnefDMOAhtcsMT4Mg.R6KQ85_WCFAp0Bw76QTE6vCsVzN0.ch0Y
 6dMYr1ZaqtLDGQFY942IlaMIjIAVVrAjXIACTFY0Q3RImoE__V_cycKSeLqJ
 MQP8kdR35s3klZVl33GbIx5qAjp0NQ4QWkcYLRE9bt3v24Z_MQyKWbDa4aQH
 QlYhUyx5WSTKreHihsJDudnSxzJUiEBTn.VZTmggw7XqXzDDaktlZLaaTez0
 4LQh7nKASkvwwvIjZRI9ZAeskJCRvIL_Aq2G3i9yT2c4.bcY4oUx.V2H61Gn
 rncq8lmCSYnW4fhJ92zV8N18w4aONWjyfsWnD5s2lZ.qzpevdk92_mWhiPeZ
 r6NEeuv7A6kG5K6zaWPGHCnCDTu7by2zBdLfGZQMRjJMQWyercX_YeJTGVA8
 U4E5dmsqGt6EkQYxtsgTrRFuQyFC7Y74L0TEvCf9UjwdkOgrQQAoeMZGPNUg
 GbZNKGRDsIrteN7Lw0zOMNPEbtlz1LI4dZOuy7LujUB7wQKe0XUVPfckBY61
 zSycg6X7m0LS67Hk7VRL7P_M98tal_hCZ9CIQvFsHjOGeWZxaIB8ojRmzUFi
 UVriHtH7mCP9_5A1p7qr0X_PS3HplEZ__6jfbMCjWTYXS2VwRYppsSpVxl0j
 xujXwV1ZwV9gPPwkmaQ9AU1CySjUvJacgItNR0yjtjc2.sm_HU79obFNcmZN
 1nTsyV3iHGPKLV..HsKWe7yaavuN0Db2JbBkOSDuJ_xoJhxQZ3gMXbTmLnDM
 0eGdgauKK76d3rX4W1K7XGI9fwikyUeni3KSFRr3nqHcbY82zRjYz7x8cyLD
 MAxAJI_259SYl8FI
X-Originating-IP: [185.70.40.27]
Authentication-Results: mta1341.mail.gq1.yahoo.com  from=protonmail.com; domainkeys=neutral (no sig);  from=protonmail.com; dkim=pass (ok)
Received: from 127.0.0.1  (EHLO mail4.protonmail.ch) (185.70.40.27)
  by mta1341.mail.gq1.yahoo.com with SMTPS; Thu, 17 Nov 2016 09:02:07 +0000
Received: from mail.protonmail.com (localhost [127.0.0.1])
	by mail4.protonmail.ch (Postfix) with ESMTP id 1A23E1DC3;
	Thu, 17 Nov 2016 04:02:04 -0500 (EST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com;
	s=default; t=1479373324;
	bh=NCWs/qOiYWOIj3Sx9k1UuGsQ0DoYqE+JRVb6aQrxors=;
	h=Date:To:From:Reply-To:Subject:Feedback-ID:From;
	b=wqhh8kt3bWWZbR8AI4+ekiOKKwcATh1pSP9FIWZj9VwVHto0ymzjn3cqZTM12e9s4
	 jy6lyiZrqLB75ZXxwHLUb8CKeIdmEA3xsjedhH8Ul3LXd8+Nx8E7TpTWp1t6UCScJo
	 IF4YgTYWnqGLGcUe5fnYqXny/xWSUH0tEa4ooJUQ=
Date: Thu, 17 Nov 2016 04:02:04 -0500
To: "gaj@yahoo.com" <gaj@yahoo.com>
From: gaj <gaj@protonmail.com>
Reply-To: gaj <gaj@protonmail.com>

Subject: (No Subject)
Message-ID: <qBE6eyoCEi4_ojiuI6J3T3SsNnzbyUwHrVitqxfusRUq2KZeeEhM5NhpuB60OXX1L-SvTmDGjcdR7f6gqKLJLvsMGhF6T__vaC1NDOiUwl8=@protonmail.com>
Feedback-ID: 110SiAcT-Ttf0GX5vp9zB7NGHX35BxAovvV88zX-sg7eznfkxnT4idcqS5r9QeQ0UBubZrr4QwSNtQGIDoVcJQ==:Ext:ProtonMail
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="b1_5482c91d8c736fe5d686a7932411f185"
X-Spam-Status: No, score=-3.0 required=4.0 tests=ALL_TRUSTED,BAYES_00,
	DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,HTML_MESSAGE,
	MIME_BASE64_BLANKS,TVD_SPACE_RATIO,URIBL_BLOCKED autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail4.protonmail.ch
Content-Length: 861

This is a multi-part message in MIME format.

--b1_5482c91d8c736fe5d686a7932411f185
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: base64

bGludXg=


--b1_5482c91d8c736fe5d686a7932411f185
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: base64

PGRpdj5saW51eDwvZGl2PjxkaXYgY2xhc3M9InByb3Rvbm1haWxfc2lnbmF0dXJlX2Jsb2NrLWVt
cHR5Ij48YnI+PC9kaXY+PGRpdiBjbGFzcz0icHJvdG9ubWFpbF9zaWduYXR1cmVfYmxvY2sgcHJv
dG9ubWFpbF9zaWduYXR1cmVfYmxvY2stZW1wdHkiPjxkaXYgY2xhc3M9InByb3Rvbm1haWxfc2ln
bmF0dXJlX2Jsb2NrLXVzZXIgcHJvdG9ubWFpbF9zaWduYXR1cmVfYmxvY2stZW1wdHkiPjxkaXY+
PGJyPjwvZGl2PjwvZGl2PjxkaXYgY2xhc3M9InByb3Rvbm1haWxfc2lnbmF0dXJlX2Jsb2NrLXBy
b3RvbiBwcm90b25tYWlsX3NpZ25hdHVyZV9ibG9jay1lbXB0eSI+PGJyPjwvZGl2PjwvZGl2Pjxk
aXYgY2xhc3M9InByb3Rvbm1haWxfc2lnbmF0dXJlX2Jsb2NrLWVtcHR5Ij48YnI+PC9kaXY+



--b1_5482c91d8c736fe5d686a7932411f185--

2) webmail.online.nl

Return-Path: gaj@protonmail.com
Received: from m7-zaas-prd-mx01.m7zaas.local (LHLO smtp-in.online.nl)
 (10.162.0.81) by m7-zaas-prd-ms08.m7zaas.local with LMTP; Thu, 17 Nov 2016
 10:02:11 +0100 (CET)
Received: from mail4.protonmail.ch (mail4.protonmail.ch [185.70.40.27])
	by smtp-in.online.nl (Postfix) with ESMTP id 18573C0003
	for <gaj@online.nl>; Thu, 17 Nov 2016 10:02:11 +0100 (CET)
Received: from mail.protonmail.com (localhost [127.0.0.1])
	by mail4.protonmail.ch (Postfix) with ESMTP id 1A23E1DC3;
	Thu, 17 Nov 2016 04:02:04 -0500 (EST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com;
	s=default; t=1479373324;
	bh=NCWs/qOiYWOIj3Sx9k1UuGsQ0DoYqE+JRVb6aQrxors=;
	h=Date:To:From:Reply-To:Subject:Feedback-ID:From;
	b=wqhh8kt3bWWZbR8AI4+ekiOKKwcATh1pSP9FIWZj9VwVHto0ymzjn3cqZTM12e9s4
	 jy6lyiZrqLB75ZXxwHLUb8CKeIdmEA3xsjedhH8Ul3LXd8+Nx8E7TpTWp1t6UCScJo
	 IF4YgTYWnqGLGcUe5fnYqXny/xWSUH0tEa4ooJUQ=
Date: Thu, 17 Nov 2016 04:02:04 -0500
To: "gaj@online.nl" <gaj@online.nl>
From: gaj <gaj@protonmail.com>
Reply-To: gaj <gaj@protonmail.com>
Subject: (No Subject)
Message-ID: <qBE6eyoCEi4_ojiuI6J3T3SsNnzbyUwHrVitqxfusRUq2KZeeEhM5NhpuB60OXX1L-SvTmDGjcdR7f6gqKLJLvsMGhF6T__vaC1NDOiUwl8=@protonmail.com>
Feedback-ID: 110SiAcT-Ttf0GX5vp9zB7NGHX35BxAovvV88zX-sg7eznfkxnT4idcqS5r9QeQ0UBubZrr4QwSNtQGIDoVcJQ==:Ext:ProtonMail
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="b1_5482c91d8c736fe5d686a7932411f185"
X-Spam-Status: No, score=-3.0 required=4.0 tests=ALL_TRUSTED,BAYES_00,
	DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,HTML_MESSAGE,
	MIME_BASE64_BLANKS,TVD_SPACE_RATIO,URIBL_BLOCKED autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail4.protonmail.ch
X-Online-CMAE-Analyze: v=2.1 cv=WL+CJSYR c=1 sm=1 tr=0
	a=LdbBSXNqbvtOef0nyrOuaA==:117 a=LdbBSXNqbvtOef0nyrOuaA==:17
	a=L9H7d07YOLsA:10 a=9cW_t1CCXrUA:10 a=s5jvgZ67dGcA:10 a=L24OOQBejmoA:10
	a=r77TgQKjGQsHNAKrUKIA:9 a=drXjWTiCdkwO2GI1PNAA:9 a=QEXdDO2ut3YA:10

This is a multi-part message in MIME format.

--b1_5482c91d8c736fe5d686a7932411f185
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: base64

bGludXg=


--b1_5482c91d8c736fe5d686a7932411f185
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: base64

PGRpdj5saW51eDwvZGl2PjxkaXYgY2xhc3M9InByb3Rvbm1haWxfc2lnbmF0dXJlX2Jsb2NrLWVt
cHR5Ij48YnI+PC9kaXY+PGRpdiBjbGFzcz0icHJvdG9ubWFpbF9zaWduYXR1cmVfYmxvY2sgcHJv
dG9ubWFpbF9zaWduYXR1cmVfYmxvY2stZW1wdHkiPjxkaXYgY2xhc3M9InByb3Rvbm1haWxfc2ln
bmF0dXJlX2Jsb2NrLXVzZXIgcHJvdG9ubWFpbF9zaWduYXR1cmVfYmxvY2stZW1wdHkiPjxkaXY+
PGJyPjwvZGl2PjwvZGl2PjxkaXYgY2xhc3M9InByb3Rvbm1haWxfc2lnbmF0dXJlX2Jsb2NrLXBy
b3RvbiBwcm90b25tYWlsX3NpZ25hdHVyZV9ibG9jay1lbXB0eSI+PGJyPjwvZGl2PjwvZGl2Pjxk
aXYgY2xhc3M9InByb3Rvbm1haWxfc2lnbmF0dXJlX2Jsb2NrLWVtcHR5Ij48YnI+PC9kaXY+



--b1_5482c91d8c736fe5d686a7932411f185--


3) headers as shown by YOPmail

SMTP headers :

IP:185.70.40.27 
EHLO mail4.protonmail.ch 
MAIL FROM:<gaj@…> SIZE=1854 
RCPT TO:<gaj@…> 

MIME headers :

Received: from mail.protonmail.com (localhost [127.0.0.1]) 

by mail4.protonmail.ch (Postfix) with ESMTP id 1A23E1DC3; 
Thu, 17 Nov 2016 04:02:04 -0500 (EST) 

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; 

s=default; t=1479373324; 
bh=NCWs/qOiYWOIj3Sx9k1UuGsQ0DoYqE+JRVb6aQrxors=; 
h=Date:To:From:Reply-To:Subject:Feedback-ID:From; 
b=wqhh8kt3bWWZbR8AI4+ekiOKKwcATh1pSP9FIWZj9VwVHto0ymzjn3cqZTM12e9s4 

jy6lyiZrqLB75ZXxwHLUb8CKeIdmEA3xsjedhH8Ul3LXd8+Nx8E7TpTWp1t6UCScJo 
IF4YgTYWnqGLGcUe5fnYqXny/xWSUH0tEa4ooJUQ= 

Date: Thu, 17 Nov 2016 04:02:04 -0500 
To: "gaj@…" <gaj@…> 
From: gaj <gaj@…> 
Reply-To: gaj <gaj@…>
Subject: (No Subject) 
Message-ID: <qBE6eyoCEi4_ojiuI6J3T3SsNnzbyUwHrVitqxfusRUq2KZeeEhM5NhpuB60OXX1L-SvTmDGjcdR7f6gqKLJLvsMGhF6T__vaC1NDOiUwl8=@protonmail.com> 
Feedback-ID: 110SiAcT-Ttf0GX5vp9zB7NGHX35BxAovvV88zX-sg7eznfkxnT4idcqS5r9QeQ0UBubZrr4QwSNtQGIDoVcJQ==:Ext:ProtonMail 
MIME-Version: 1.0 
Content-Type: multipart/alternative; 

boundary="b1_5482c91d8c736fe5d686a7932411f185" 

X-Spam-Status: No, score=-3.0 required=4.0 tests=ALL_TRUSTED,BAYES_00, 

DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,HTML_MESSAGE, 
MIME_BASE64_BLANKS,TVD_SPACE_RATIO,URIBL_BLOCKED autolearn=ham version=3.3.1 

X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail4.protonmail.ch


With this information, maybe you can explain what happens and why GetTor does not respond to this type of messages.

If you need more info, just let me know.

comment:10 Changed 22 months ago by gaj

Resolution: not a bug
Status: closedreopened

ilv / arma,

Could you please give your (short) thoughts/reaction on my experience on how other mail servers deal with the ProtonMail message (see comment 9), and why GetTor is not able to deal with this?

I hope this is not too much trouble, otherwise you may re-close this topic. 

Thanks in advance!

Last edited 22 months ago by gaj (previous) (diff)

comment:11 Changed 5 weeks ago by traumschule

Status: reopenedneeds_information

Hi Gaj, sorry for the long delay. Do you happen to use the outside encryption feature of protonmail?

What you pasted above are multipart messages. This is not very helpful in here. Try to find an option to disable HTML mails and all kinds of automatic encrypted and try again.

comment:12 in reply to:  11 Changed 5 weeks ago by gaj

Replying to traumschule:

Hi Gaj, sorry for the long delay. Do you happen to use the outside encryption feature of protonmail?

No, I do not use this feature.
In fact I am using all default settings in Protonmail.

What you pasted above are multipart messages. This is not very helpful in here. Try to find an option to disable HTML mails and all kinds of automatic encrypted and try again.

In order to disable HTML, I have just found an option in the ProtonMail webinterface to do so under Settings>Appearance>Composer mode, and changed the composer-mode from 'normal' to 'plain text.'
And this did the trick, I now have received a reply from the gettor robot containing the links to the torbrowser downloads.
So the issue may not have to do with encryption after all.

I am happy to see that this method/workaround solved the issue.
But before closing this bug it would still be very nice to get behind the reason why the error occurs with HTML (the default 'normal' mode in ProtonMail) enabled, while other email clients (also using HTML mode, see comment 9) work as expected.

comment:13 Changed 5 weeks ago by traumschule

Resolution: not a bug
Status: needs_informationclosed

That's great news! The reason is that the GetTor mail service is not made to parse multipart messages. HTML mails are a bunch of sliced crap and should not be used. Did you hear of EFAIL? Crafted HTML mails can lead to all kind of unfriendly things and you should tell everyone who sends you HTML formatted mails.

If you want, read a bit about it:
https://en.wikipedia.org/wiki/EFAIL
https://en.wikipedia.org/wiki/MIME#Multipart_messages
https://riseup.net/en/email/scams
https://riseup.net/en/security

Feel free to ask more questions, but i will close this ticket now, as GetTor works well.

Note: See TracTickets for help on using tickets.