Your Forum Registration (Sign Up) is broken

E-Mails addresses that contain a
char c = ‘-’;
don’t receive an activation mail. will not work will work.

You should fix that bug.

Okay, it doesn’t look like that “-” is the problem.
The two trashmails i tried seem to work, but it doesn’t work with real e-mail providers.
Maybe they are filtering your activation mails
or do you filtering them out?

There’s nothing wrong with the outbound mail.

I checked some things, and deducing what your e-mail address might’ve been, based on what you’ve said (I know it’s not the one you’re registered with now), it looks like the email provider implements ‘greylisting’ which is pretty common to fight spam. It deliberately delays the mail for a while to see if a ‘normal’ mail server will retry (spammers won’t).

As per greylisting procedure, it accepted the mail about 10 minutes later. Whether or not it went into a spam trap after that at that end, we can’t say, but it did ultimately send.


1 Like

Thank you for your answer.
The mail provider i did use starts with the letter g. Maybe that helps to better narrow down the problem. I didn’t find a private message system on the forum, thus i hope the letter is enough.

I tried to resent the activation mail several times, also 10 minutes later but i didn’t get any mail. Even not in the spam folder.

Is the whonix forum running behind the tor network? Maybe the mail provider blocks everything that comes from a known tor exit node?

Thanks for clarification re email. It turns out this wasn’t greylisting in your case but something else your mail server was doing. Not Tor related.

I have made a change, DNS related. It will probably fix the issue going forward.


Thanks a lot. Now i received all the activation e-mails from the Whonix forum.
Thus it seems to work now.

But now i have a new problem.
I want to keep this accountname “firefox”, but i can’t use my real e-mail at the moment, because the whonix forum software says, that this is already in use by the other account i tried to create before.
Does the older account, that was never activated expire some day, so that i can use my e-mail for this account?

And if i change my e-mail in the forum, will i get some sort of confirmation call to my old e-mail? The old e-mail for this account is a trashmail mail provider, i no more have access of the inbox, because it stops to exist after 24 h.


(Why? We are users of webapps, not developers. Not exactly on point, but that relationship is described here: Frequently Asked Questions - Whonix FAQ)

Unfortunately so, yes. (We had a similar issue very recently, see Can an admin change a user's email address? - support - Discourse Meta .)

I have a solution in mind, will post soon.

Since you are still logged in… Please e-mail me.

  1. Sent a random code by e-mail first. Such as:



(Or sent me multiple of such codes in case something goes wrong.)

Rather than such a code you could post a gpg public key here. That authenticates much stronger.

  1. Also sent me the account name with the unused account that you wish to be deleted. Then if not activated, and older than 1-2 days, I can delete that account to free up that e-mail address.

  2. also tell me which e-mail address you wish to use by sending an e-mail to me

  3. Then post the same code here in the forums. That will prove that the user who spoke in the forums is the same user that e-mailed me earlier. This is to prevent account theft.

  4. I will then deactivate your forum account, change your forum e-mail address to desired new e-mail address and have the forum software sent you an activation e-mail. Once you click that link, your e-mail address will be changed and your account re-activated.

I like the idea with the OpenPGP key. I could post a public key, a pastebin link to the public key or a fingerprint of the public key here, in the latter case i would upload the public key to a key server, so you can download it there with the fingerprint.

But when you deactivate my forum account i am using now, will all the build up reputations, like badges and likes be lost or are they still be there after re-activation?

Will still be there.

Okay, you can find my public key here:

Fingerprint is

D156 2CA5 4C66 D2D6 A39A  BE0E CC37 3898 9158 04A8


If you tell me your public key, i could encrypt a text file signed with my key and which includes the required data like my e-mail address i want to use, the account i want to have deleted and the account i want to keep.
Then with your private key you could decrypt it and make the required changes in the forum.
It would be good if your public key is at least a 4096 RSA key or a key of similar strength.

Just sent gpg encrypted e-mail.

Contact - Whonix

Encryption isn’t configured and not installed in my E-mail client because none of my contacts does use OpenPGP encryption for E-Mail.
And the E-Mail would, without additional changes, reveal my name in the address field.

Isn’t a link to an encrypted and signed ASCII Text message posted somewhere on pastebin for a couple of hours good enough?


Okay, here’s the link to the encrypted message:

I decided to use privatebin instead of pastebin on a server in Switzerland.
I also used the additional encryption feature of privatebin because i assume that OpenPGP messages might get stored by some authorities.
The Password for privatebin is “Whonix”.
You will still need your OpenPGP key to decrypt the message.
The link is working for < 24 h.

In case i can’t activate the account again because of a missing activation link, like it happened before, i will create a new account and use my OpenPGP key so you will know, that it is me.

E-mail changed, activation mail sent. Account should be reactivated once activation mail link was clicked.

1 Like

Thanks a lot. It worked. :smiley: