Such systems do exist. I have info on one handy, but I know at least
one other based on the same software exists in finland.
This one seems to be still using pgp2.0, I don't know when they will
upgrade to pgp2.1.
These remailers assign you a pseudony like anon.19, and anyone can
send mail to anon.19@pax.tpa.com.au and the mail will be forwarded
to you.
Here's the file you can get by sending an empty message
to anon.info@pax.tpa.com.au.
PAX - Public Access Unix (Adelaide,South Australia) - Anonymous Posting Host
============================================================================
Last modified: Fri Nov 20 18:55:52 CST 1992
Information about Anonymous & Privacy-Enhanced Posting.
=======================================================
PAX is conducting research into the viability of anonymous privacy-
enhanced mail as a means of providing practical, secure and confidential
electronic mail and news. An experimental server has been setup and
you are encouraged to use it.
There are many anonymous posting services in existence which provide
anonymous electronic mail and posting to specific newsgroups where
posting is sometimes harmful to one's health or reputation ! Such
services allow you to:
- post anonymously to those news groups
- reply anonymously to posts by email
- converse anonymously with another anonymous user, neither of
you knowing your real identities
Privacy-enhanced electronic mail refers to the concept of encrypting
one's mail prior to sending it off into the ether, presumably to
someone at the other end capable of decrypting it. If one uses a
so-called "public key" method of encryption, then one can make one's
"public" key widely known so that anyone can encrypt mail to you, but only
you can decrypt it using your "secret" key. There is much development
going on in this area, but one quite popular public-domain implementation
is Philip Zimmermann's "Pretty Good Privacy 2.0" which makes use of a
number of cryptographic methods including the RSA algorithm in places
(See Legal Issues later on). PGP allows you to:
- exchange public keys with another individual
- encode messages to them that only they can read
- receive messages from them that only you can read
These tools are all very well for the specific purposes for which they
were designed, but unfortunately your anonymous message or post is not
actually anonymous until it gets to the machine that host's the service.
Anyone in between, including your own administrators, can in theory
read your post, even though they won't know to whom it is directed. What
is more they can also read replies addressed back to you. This can be
highly embarrassing at best, and result in dismissal or disconnection
at worst if your thoughts, beliefs or activities are disapproved of by
the powers that be, even if they are perfectly legal.
PAX's privacy-enhanced anonymous services were conceived in the belief
that free speech and privacy are fundamental rights and that it is
high time the networks to which we are connected provided such services
on a routine basis. Seeing as they don't we have to make a start somewhere.
This service provides:
- conventional anonymous mailing and posting services via a "normal"
alias assigned in the usual fashion
- the ability to post to ANY newsgroup that is carried out of PAX
(which includes most non-regional groups)
- PGP 2.0 based privacy-enhanced mail & posting, including:
- ability to register your "public" key with PAX, so that PAX
can send encrypted messages to you
- local generation of a unique public key which is sent to you,
so that you can send encrypted messages to PAX
- any encoded messages from you mailed to a user or newsgroup are
decrypted at PAX before being passed on in anonymous form
- any anonymous replies to your "pgp" alias are encrypted before
being mailed to you
For example, once you have obtained your PGP 2.0 software (as described
later) and got it going, and once you have generated and registered
your public key and received PAX's key in response, you will be able
to post to any newsgroup without anyone beyond your machine having
access to the plaintext of your post.
Furthermore, if another user has registered in the same manner, and
you know their anonymous alias or are responding to one of their
anonymous posts, even though you don't know who they are and haven't
exchanged keys to communicate directly, the PAX service will automatically
decrypt any encrypted messages from you and re-encrypt them before
passing them on to the other person !
How to use it.
==============
All transactions are handled by email, and commands are selected by
the name of the alias to which you mail, not by the subject or body
of the message (which are ignored unless sending or posting a message).
The separator between the "anon" and the command is a dot (period,'.')
and nothing else will work ! Not '-', not '_', not ":", only a dot.
The site to address mail is "pax.tpa.com.au". If this fails for some
reason, you may need to address it to the specific host (at present)
ie. "flash.pax.tpa.com.au".
"Normal" (unencrypted) commands:
- To get information (this message):
mail anon.info@pax.tpa.com.au
- To see what your "normal" alias is, or get one:
mail anon.ping@pax.tpa.com.au
- To send a reply to another anonymous user:
mail anon.###@pax.tpa.com.au
NB:
- eg. mail anon.36@pax.tpa.com.au
- don't be creative ... anon.036 won't work
- an attempt is made to strip off signature lines by discarding
everything after a line starting with "--" or "__"
- To send a post to a newsgroup:
mail anon.post.groupname@pax.tpa.com.au
NB:
- eg. "mail anon.post.talk.abortion" will send a
post to "talk.abortion"
- only the Subject field from your post is used, the rest of
the header is discarded
- the newsgroup is selected by the alias; Newsgroup header
fields are discarded; hence cross-posting isn't feasible
- signatures are stripped as above
"PGP" (encryption) commands:
- To register your public key with PAX: (ABSOLUTELY NECESSARY)
mail anon.key@pax.tpa.com.au
NB:
- first you have to make install pgp and make a key then send it
in a "anon.key" command
- the body of the message MUST contain an ascii encoded public key
generated by PGP V2.0. You may use your regular public key that
you give to other people if you wish. The user ID name must be
unlikely to conflict with one PAX already has, so use your full
name, or include your email address or something. If you want
you can use a unique key just for PAX - it makes no difference.
If PAX already has a key of the same user-id it will reject yours.
Note that this means that you need different key user-id's on
different machines (or mail addresses anyway).
# makes new keys & adds to your "keyring"
pgp -kg
Enter a user ID for your public key: First M. Last of somefirm
# extract key in ascii form suitable for a message body
pgp -kxa "First M. Last of somefirm" savedfile pubring
# send it to PAX
mail anon.key@pax.tpa.com.au