Ah apologies, I thought you meant it only obfuscated "internal" metadata, ie headers. On 10 April 2015 21:43:51 GMT+01:00, Mike Ingle wrote: My software goes through Tor hidden services (or exit node if necessary) and sets up a TLS session inside that. The From address of the mail only exists inside the encrypted envelope, which only the recipient can open. If someone had a global view of the Tor nodes, they might be able to track a particular message via timing, but going through Tor prevents mass surveillance by a passive observer. Mike On 4/10/2015 12:28 PM, Cathal (Phone) wrote: Metadata includes who speaks to who, which can only be hidden by obfuscation in a mixnet, public-message-boards that recipients pull randomly or fully from, or similar ways of removing means of connecting endpoints. On 10 April 2015 20:08:04 GMT+01:00, Mike Ingle wrote: How does one go about getting on this list? I think Confidant Mail qualifies. It uses GPG end to end, and encrypts the metadata in transit. On 4/10/2015 6:44 AM, hellekin wrote: On 04/10/2015 03:59 AM, Seth wrote: [1]https://github.com/sweis/crypto-might-not-suck/blob/master/README .md *** When EFF launched the Secure Messaging Scoreboard, lynX and I were a bit pissed that they even mentioned proprietary solutions, so we made an alternate list: [2]http://libreplanet.org/wiki/GNU/consensus/Secure_Messaging_Scoreb oard == hk -- Sent from my Android device with K-9 Mail. Please excuse my brevity. -- Sent from my Android device with K-9 Mail. Please excuse my brevity. References 1. https://github.com/sweis/crypto-might-not-suck/blob/master/README.md 2. http://libreplanet.org/wiki/GNU/consensus/Secure_Messaging_Scoreboard