DeltaChat connects to unknown servers without permission

Here’s how I found out about this. I set up a mail server on a local network without internet access. Then I launched DeltaChat on several computers in that network and tested sending and receiving messages using my mail server as a relay. This was done on version 2.25.

When I updated DeltaChat to version 2.35, the connection to the mail server was lost. DeltaChat’s logs showed it was trying to connect to nine.testrun.org and turn.delta.chat. Of course, it couldn’t connect to them, since everything was happening within the local network.

So, it seems DeltaChat was secretly trying to connect to servers on the internet, for an unknown purpose. Perhaps to send copies of encryption keys.

This was discovered because, due to the inability to connect to the internet, DeltaChat couldn’t work in the local network—it was constantly updating the connection to the mail server. In other words, it was due to a bug in DeltaChat’s code.

I hope that in a future update, DeltaChat will stop connecting to anyone without my permission.


Delta Chat does not try to connect to these servers, only resolves DNS to use as a fallback STUN and TURN server for calls. It does not connect to these domain names if you don’t use calls.

Probably should postpone resolving the names until the call feature is used. There is also a related issue caused by this:


I agree, it’s very unpleasant to see that when you use your own mail server — whether a classic one or a chatmail server — there are constantly requests going to third-party servers. You don’t even need to look for them, it’s happening all the time. It would be great to exclude all outgoing connections that should not be involved in any way. For example, if my contacts use only their own servers and mine, but DNS queries are still going to nine.testrun.org and other addresses — why? It’s unclear. Leave only the connection to the WebXDC app store.

This sounds like a really easy way for authorities to cut off access to recent versions of Deltachat. We’ve seen a lot of political internet shutdowns lately, so isolated-intranet operation will be very important to some users.

Speaking of which, could we have a DC-over-mesh-networks tutorial? I hear Yggdrasil proxies work?

I think it would be great if users could enter the server address for calls, just like they could enter a mail relay address.
There are regions where internet access is whitelisted. Only state mail works. If DeltaChat can’t connect to mail because it can’t connect to its own servers, as happened in my case on the local network, then DeltaChat won’t work at all in those regions.

Things get quite mixed here.

Delta Chat does not rely on the servers mentioned above, and especially can continue working with others when internet access is restricted for whatever reason.

The servers mentioned above are not needed for relaying messages.

By default, chatmail relays can provide their own STUN/TURN servers; only if this is not the case are the servers mentioned above used as a fallback, and only for calls.

No. You’ve misunderstood the problem. DeltaChat relies on these servers I mentioned above. The inability to connect to your own local mail server due to the unavailability of internet servers was discovered and is now described in two threads:

That is a bug and it’s going to get fixed.
