Add support for SOCKS proxy #980
Comments
cketti
added
type: enhancement
One approach to this would be similar to the twitter app, which has an overflow menu on the account creation screen to that links to proxy settings. |
|
In proxy settings it'd be nice to have 2 sliders: Enable Tor and Enable proxy like OpenKeychain has. Orbots library allows other apps to start orbot aswell. |
|
(It's also probably a better Idea to route all traffic through the proxy/tor, This way you can deny internet access to k9mail in your firewall app which prevents exploits from leaking your real ip) |
We don't want people to use this incomplete implementation believing the proxy will be used for all their connections. This could have serious privacy implications, e.g. when using Tor via SOCKS proxy. See also #980
We don't want people to use this incomplete implementation believing the proxy will be used for all their connections. This could have serious privacy implications, e.g. when using Tor via SOCKS proxy. See also #980
|
I would like to propose that the proxy can be set on a per server basis. |
According to various questions on Stack Overflow (such as this), WebView does not support setting a proxy. |
|
I think we'd be better off using https://guardianproject.info/code/netcipher/ with the added bonus that the library will play well with Orbot. It includes a WebViewProxy, OrbotHelper etc. |
|
That'd definitely be a much better choice since most would probably be using it with Orbot rather than another proxy. |
|
What are the current roadblocks stopping adoption/development? |
|
There's been multiple implementation of this - the latest being #2571 It needs rebasing, again ( :/ ) and then merging. |
|
There's no roadblock. It mainly needs someone to implement the functionality mentioned in the first post. But it's a lot of work and needs to be done carefully because of the privacy implications when people start using the feature with Orbot. But it's not a very important feature to many people and hence not a priority. If someone wants to work on this feature please make sure to read this comment first: #2571 (comment) |
|
On the contrary @cketti , this is a VERY important privacy feature. But there is another easier way that this could work, without implementing network proxies inside k9mail. Firstly, to use k9-mail through orbot you need to use AFwall. Its a must. why? because you can force all connections to go through VPN tap adaptor in AFWall settings. Then you have to configure orbot to be used as a VPN -> switch to VPN-Mode. Then you need to allow the apps you want to pass through orbot, in this case k9-mail. Now the only thing that SHOULD be implemented in k9-mail, is account-related VPN toggle switches. Basically this switch would read from the same options thats inside the android settings > VPN (under lineageOS atleast) thats where it shows Orbot VPN & OpenVPN Connect(if you have it). I think account-separated VPN toggle switch would insure that your email account passes through the correct tap adapter. Can anyone concur? |
|
One more usecase : gmail usually blocks access for me when retrieving mail from new country - this is quite annoying when travelling. I solve this on desktop by proxying through my server and it would be awesome to have same soluiton on android. So for this usecase only support for POP/IMAP/SMTP connections is required. Maybe this is easier milestone to reach. |
|
Check my commit. SOCKS proxy support added |
|
The pull request was rejected, so now what? Is there still a plan to implement proxy support in K-9 Mail, or should this issue be closed? |
|
@JJohnGreenSr that PR has the major issue of not using the proxy for loading HTML content in messages. If you're using Orbot, you can enable VPN mode for K9. However, there's now an official way for an app to override the proxy used by WebView: https://developer.android.com/reference/androidx/webkit/ProxyController |
|
google servers will detect unusual activity on your account, because dozens of Gmail accounts are accessed on the same IP, it's useless using Orbot, it's better to insert the proxy code in k9 so that it can be set for each account, proxy settings will be automatically retrieved from the parser txt proxy list, 1st line for 1st account, 2nd line for 2nd account etc. and there is a proxy checking feature is active or not. as I found on this nekoX.
|
Not everyone uses Google as they're provider. Many other email servers are tor friendly, some even offer .onion support. |
|
It would be great to have this feature for interoperability with new TorServices app and allow saving VPN slot for other needs |
This comment was marked as off-topic.
This comment was marked as off-topic.
|
I always route all my email clients to Tor (localhost:portnumber), See this issue is very old, from 2015, and is still pending progress |
This comment was marked as off-topic.
This comment was marked as off-topic.
|
I promise a reward of ₿.015 to those who implement it and pass PR, finally... |
See also https://code.google.com/p/k9mail/issues/detail?id=2834
The text was updated successfully, but these errors were encountered: