---------- From: dmolnar[SMTP:dmolnar@hcs.harvard.edu] On Tue, 3 Oct 2000, Steve Furlong wrote:
cost might be a little extra electricity. No funding is necessary unless the usage is so high that my ISP bitches at me. Personal time involved in maintaining the system will, I hope, be low; if it's more than negligible I won't be able to do it. I can see the sense of running the plan past a lawyer, but why would there be a continuing expense in this area?
People will use your remailer to send spam and death threats. There may even be people who will use your remailer to send spam and death threats to themselves, simply because they hate remailers. The recipients will contact you and your ISP. Repeatedly.
My impression from reading alt.privacy.anon-server is that for many ISPs, it doesn't take too much of this before the ISP asks the remailer to leave. It's not a question of legal liability so much as the spam and the hassle. (An example of how life is lived mainly outside the law, though maybe in view of it.)
You can implement spam-blocking filters on your remailer...but that's another can of worms.
-David
[Warning in advance: I don't run a remailer, and never have, so what follows could be labled uninformed speculation]. I would like to suggest that a remailer could eliminate nearly all it's problems by only sending out encrypted mails - that is, if after removing the encryption that was applied using it's own private key, it finds that the result is plaintext, it simply drops the message. This has some neat and useful properties. * It eliminates spam. Spammers would have to encrypt each individual message with the key of the recipient, which is too much hassle. * It eliminates any possibility of the remailer knowing the content, which alleiviates him/her of responsibility for that content. * The remailer still operates fine as a mid-chain remailer. * All recipients need to have keypairs. They are thus at least somewhat crypto-savvy people, and unlikely to place unreasonable requests on the remailer or his/her ISP. The only bad point: * All recipients need to have key pairs. Thus, a crypto-only remailer can't be a terminal remailer to mailing lists, newsgroups, or individuals without keypairs. Peter Trei