I appreciate your efforts, but there is no Tor when you’re in whitelist network. Tor is banned in Russia since 2021.
The only thing we have here in “white list situation“ (as the topic title says) is a tiny subset of whitelisted IPs, none of them are Tor nodes or even near something alike - only big and approved services. We have IMAP/SMTP to some of these, and some TURN as well.
Sorry, probably linked a topic that is low in cross-linking. Here are some better references:
Tor is still used in Russia, but use is about a tenth of what it once was: Users – Tor Metrics . This may be mostly from blacklist areas. In a whitelist area, it is necessary to find a whitelisted bridge to use Tor. Responding to Tor censorship in Russia | The Tor Project . Obviously these are not going to be publicized.
The Russian censors also do a lot of Deep Packet Inspection.
The Cloud Firewall Firefox extension blocks some popular IP ranges belonging to Google, Amazon, Facebook, Apple, Microsoft and Cloudflare. There are lots of useful websites hosted on Cloudflare, for DDOS prevention; I’ve seen estimates of 40% of websites, which seems high. The other clouds host some flagship sites, some sites of corporations and governments, and a lot of useless clickbait sites. If some of these ranges are not blocked in Russia, it would be possible to host a bridge there.
I2P would almost certainly draw unwanted attention, though! And these things Ian suggested are hard to configure. A whitelisted mailserver is easier, at least until it bans encrypted mail or stops federating with non-Russian servers.
Private pirate networks are another option for a local network. Briar (software) - Wikipedia is software that does this and messaging. Mail is very tolerant of network delays, too.
Does anyone know why they are not blocking encrypted emails? It could be done through basic DPI.
Presumably because it would break a lot of important things, like banking and security updates.
I have never seen a bank that supports transferring money or fetching your balance using PGP encrypted & signed email. Neither have I seen apps whose vendor has distributed PGP-encrypted (!) update attachments on mailing lists. Any chance you could give an example for each?
I know Facebook supported PGP-based notifications way back, but that was also optional.
I believe they are used internally. Mail is an old protocol that is built in to lots of things.
Trying out Delta Chat with a few people to whom I can try to pitch it… I’m not good at pitching, as much as I value cool FOSS things made with visible care put into it.
It’s obviously simple enough for IT guys, for normal people, not as much as one would want…
Obviously the most significant source of pain is not exactly related to Delta Chat, but rather to the service provider (mail.ru). To create a mail client password, one has to pass google captcha (which is geniously not working without VPN). By the time you figure this out, you run into SMS verification limit (with 1 day cooldown).
My father only managed to create an account on testrun.org, and as you can guess, it won’t pass the whitelist… And I can’t help since I’m physically remote.
There are rumors another alternative mail service we have (Yandex) is unfriendly to encryption, starts to spam-flag mail or reject it outright.
There’s another alternative (Rambler), haven’t tried it out.
Delta Chat’s account creation UX wants to make classic mail accounts second class citizens, which is not that great in our situation.
Speaking of which, there should be some handling for classic mail users in context of notification (and battery optimization settings). Classic mail user should be guided around perfect battery optimization / permanent notification settings - I don’t enjoy giving long explanations on how to make it work properly…
Another thing are calls. Yup, I’ve already discovered they would only work on chatmail server. I’m currently wondering if adding a chatmail relay would make calls work smoothly - didn’t verify it with anyone yet. Could be best to have way for it via classic mail…
Of course, having a mechanism for short links would also help adoption. I’ve decided to put a link to my Delta Chat account into the Telegram bio, and it only works because: 1. Telegram premium users have 140 chars limit on the Bio, 2. I’ve manually removed the HTTP parameter with my name from the link, 3. My email is short enough…
That’s pretty much all that is making this feel clunky!
Security wise, yup, maybe the ability to reconstruct social graphs is something to work on if possible, but it’s not really critical…
But, don’t think I’m not grateful to people doing pretty much the only thing that can work here! Kind of like how minimalistic and smooth this is
Dude, you can create several mail.ru email accounts (using your phone number) and share them with your family. All they’ll have to do is enter the server addresses and password in the Delta Chat settings.
What’s more, you can create multiple Delta Chat (@mail.ru) accounts on your device and then share them with your family using the “Add a second device” feature.
Workarounds are just that, workarounds. By definition, they don’t solve and fix the underlying problem, and introducing new ones potentially. In this case, multiple email accounts on a single phone number, with every account having DC folder and flooded with weird emails. What could possibly go wrong. 
Adversarial interoperability is necessarily going to involve workarounds. The straightforward path has been blocked. A hassle barrier is very nearly as effective as an outright block (which is why Google have one for IMAP access, the want most people trapped in webmail), and draws much less protest from techies.
That said, the Russian hassle barrier to using DC currently seems way too effective, and a tiny oligopoly of permitted servers is far too easy to subject to centralized control.
An encrypted channel to access arbitrary mailservers would be a more elegant solution.