GetTor e-mail autoresponder
GetTor is a program for serving Tor and related files over SMTP. Users interact with GetTor by sending it email.
It is assumed that a user has a method of finding a valid GetTor email robot. Currently the best known GetTor email is gettor @ gettor.torproject.org. This should be the most current stable GetTor robot as it is operated by the Tor Project.
Requirements for using GetTor
Users communicate with the GetTor robot by sending messages via email. The messages are currently English keywords.
Currently, users have a limited set of options. It is best to send an email with a message body (the subject line can be blank) that consists of only the word 'help' to receive instructions. This will send the most current set of choices. An example reply to a request for help follows:
Hello, This is the "gettor" robot. I am sorry, but your request was not understood. Please select one of the following package names: windows macos-i386 macos-ppc linux-i386 linux-x86_64 source Please send me another email. It only needs a single package name anywhere in the body of your email.
For example, it is possible to fetch the most current Windows bundle. A user may send a request with only the word 'windows-bundle' in the body of the email. An example reply would look something like the following:
Hello! This is the "gettor" robot. Here's your requested software as a zip file. Please unzip the package and verify the signature. Hint: If your computer has GnuPG installed, use the gpg commandline tool as follows after unpacking the zip file: gpg --verify <packagename>.asc <packagename> The output should look somewhat like this: gpg: Good signature from "Roger Dingledine <email@example.com>" If you're not familiar with commandline tools, try looking for a graphical user interface for GnuPG on this website: http://www.gnupg.org/related_software/frontends.html Have fun.
The email should also include an attachment with the name 'windows-bundle.z' that can be downloaded by the user. The user must now unpack the zip file and if they wish, they may verify that the file is from the Tor Project.
Unpacking and verifying the requested files
A user should have software for decompressing .zip files. It will contain at least two files, the requested bundle and its digital signature. Before a user installs the bundle, they should verify the signature.
Users should follow the most current instructions for signature verification.
Installing the requested files
After verifying that the file is valid, a user should simply run the program. If a user requested the source code to Tor, we assume that they're able to follow the build instructions contained within the source itself.