Eli Brandt writes:
An unscrupulous person running a remailer can obviously keep records of truenames, along with messages that their senders do not want associated with them.
Always encrypting helps with mail, but not with news.
If you don't trust your remailer operator, use more than one. This is the whole point of multiple chainings. A single point failure can be any number of different threats: blackmail, coerced disclosure by threat of violence, compromised equipment. All of these can be defended against by making a system proof against single point failure. For posting to news, one should always use two hops. The first destroys any the identity of the poster and the second one decrypts it for transmission. Both hops are encrypted, but the second relay sees the plaintext and cannot link it to anyone because the first relay is anonymous. Eric