On Saturday, 30 December 2017 04:55:59 CET Stumpy wrote: > In the end, I want to have say a VM for email, where the firewall blocks > everything but access to the email service, and do the same for my > "banking VM" or "bitcoin wallet vm" > > I'm at a bit of a loss so would be greatful for help.
Using gmail in your browser is indeed quite difficult to allow specifically. Even using another protocol to a provider like google is practically speaking not possible. So I think you started on the hardest problem. Instead, if you were to use for instance kolabnow.com, you'd be able to limit your outgoing to just two hosts (imap.kolabnow.com and smtp.kolabnow.com) which is a short list of IP addresses. (I personally use 'dig' to find out all IP addresses of a DNS). Same with the Bitcoin wallet VM, you need to find out a series of trusted IP addresses and only allow outgoing connections from them, and likely no incoming connections at all. Those IPs would be someting from friends, or some you find on; https://bitnodes.earn.com/ But notice you need to then tell your bitcoin software to actually connect to those IPs and likely skip any DNS lookup. Hope that helps! -- Tom Zander Blog: https://zander.github.io Vlog: https://vimeo.com/channels/tomscryptochannel -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to email@example.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/19704108.RhNjRlVOSx%40cherry. For more options, visit https://groups.google.com/d/optout.