Currently the mmmv_mail_protocol_t1 lacks any code.

• Hide metadata as much as one can think of, including who writes to whom and the message receiving time and the messaging frequency.
• Symmetric key encryption, where each encryption key has a unique ID and no user specific data fields.
• Cryptotext modifications should be detectable.  Crypto software will probably include that feature. The mmmv_crypt_t1(TODO: add it to the Fossil repository) already has that feture.

Users U_1..U_n form a complete graph G_u. Graph G_uu is like G_u, except that each G_u unidirected edge is replaced with 2 directed edges, one directed edge in each direction. Each of the G_uu directed edges, E_g_uu_k, k inSet(1 to ((n*(n-1)/2)*2=n*(n-1)) ) id est k inSet(1 to (n*(n-1)), represents a virtual mail moving channel.  The users U_1..U_n have symmetric cryptography based one-time keys for each E_g_uu_k. The one-time keys have a key specific probabilistically unique key_ID and they do NOT contain any user-IDs. Each user has a database(It might be an SQLite database)that pairs the key_IDs of that user with the E_g_uu_k-s that exit or enter that user at the G_uu. 

The vertices of the G_uu, the users U_1..U_n, exchange messages by uploading outgoing mail to the server and downloading incoming mail in batches of mail messages, where only some, if any, of the downloaded messages are for the user that downloads the batch of messages. Encryption of the communication between the G_uu vertices and the mail server is outside of the scope of this specification, but it is assumed that the eavesdroppers is able to determine, which of the G_uu vertices contacts the mail server a