From: "John A. Perry" <perry@jpunix.com>
A question, from an internet mail novice: How does the 'invisible' remailer advertise itself as its 'visible' name in it's outgoing mail?
Perhaps the easiest thing to do is to add a Received: field to all outgoing remailed mail so that it appears that the visible site is handling the invisible site as if it were UUCP or a firewall or mailhub or something. Since anybody who really wants find out who actually owns the machine is going to, you might as well indicate the real relation up front, namely, that the owner of the visible machine routs mail for the invisible one. In other words, there would be two Received: fields in outgoing remailed mail. The first (lower, later in the stream) Received: field would be generated by the remailer software. The second would be added by the system sendmail. It will be tricky to make this look just right. Another way to mask this is to give the remailer its own IP address. It's easy to recompile extra slip interfaces into a kernel; each gets its own IP address. Routing the output of the remailer through these extra interfaces can require some hackery, though. I only know about this second hand, but evidently the BSDI 1.1 release added some BSD 4.4 feature that makes this kind of IP hack much easier. With an extra IP address, you then register a full suite of domain names just like normal. This could be a new second-level domain or a subdomain of, say, techwood.org. You'll want SOA, A, MX, and PTR records. The NS entry for the relevant domains (esp. PTR records) will generally reveal the computer/network operator, but again, this is a technical relationship only. What you have done is pretty completely separated the technical infrastructure from the remailer operation. What we're creating here, of course, is virtual machines. Unix kernels have supported multiple processes and multiple users for a long time. I expect multiple virtual machines this decade. The MX record idea was not meant to totally hide a remailer. It was meant to act as a "casual" mask for the remailer. And I think this mask is quite good. It's generally a good idea to try the easier-to-deploy solutions first and see if they work. All the IP spoofing above takes a bit of work to do. Just using an MX record and getting a second postmaster address is clearly the first thing to do. Eric