GetTor e-mail autoresponder

GetTor is a program for serving Tor and related files over SMTP. Users interact with GetTor by sending it email.

Finding GetTor

It is assumed that a user has a method of finding a valid GetTor email robot. Currently the best known GetTor email is gettor @ torproject.org. This should be the most current stable GetTor robot as it is operated by the Tor Project.

Requirements for using GetTor

Users communicate with the GetTor robot by sending messages via email. The messages are currently English keywords. The user must use an email provider that signs their email with DKIM. A user will be alerted if their email provider is unsupported.

Using GetTor

Currently, users have a limited set of options. It is best to send an email with a message body (the subject line can be blank) that consists of only the word 'help' to receive instructions. This will send the most current set of choices. An example reply to a request for help follows:

  Hello, This is the "gettor" robot.

   I am sorry, but your request was not understood. Please select one
   of the following package names:

       panther-bundle
       source-bundle
       windows-bundle
       tiger-bundle
       tor-browser-bundle
       tor-im-browser-bundle

   Please send me another email. It only needs a single package name
   anywhere in the body of your email.

For example, it is possible to fetch the most current Windows bundle. A user may send a request with only the word 'windows-bundle' in the body of the email. An example reply would look something like the following:

   Hello! This is the "gettor" robot.

   Here's your requested software as a zip file. Please unzip the
   package and verify the signature.

   Hint: If your computer has GnuPG installed, use the gpg
   commandline tool as follows after unpacking the zip file:

      gpg --verify .asc 

   The output should look somewhat like this:

      gpg: Good signature from "Roger Dingledine "

   If you're not familiar with commandline tools, try looking for
   a graphical user interface for GnuPG on this website:

      http://www.gnupg.org/related_software/frontends.html

   Have fun.

The email should also include an attachment with the name 'windows-bundle.z' that can be downloaded by the user. The user must now unpack the zip file and if they wish, they may verify that the file is from the Tor Project.

Unpacking and verifying the requested files

A user should have software for decompressing .zip files. It will contain at least two files, the requested bundle and its digital signature. Before a user installs the bundle, they should verify the signature.

Users should follow the most current instructions for signature verification.

Installing the requested files

After verifying that the file is valid, a user should simply run the program. If a user requested the source code to Tor, we assume that they're able to follow the build instructions contained within the source itself.