Will Kinney suggests a form of anonymous return address in which "Request-Remailing-To" headers are nested and encrypted, then used for addressing. This is a fine idea, Will, but we're way ahead of you on this. This approach has been used ever since we added encryption to the remailers. Karl Barrus even wrote a script specifically for constructing anonymous addresses like this. It's available from the Cypherpunks ftp site. (soda.berkeley.edu, /pub/cypherpunks. I think the file is something like "scripts.tar".) The problem with this in practice is, first, that the return address block is rather large, especially if more than one level of nesting is used (often 10, 20 lines or more); and second, that it does not lend itself to automatic use of the "reply" function. Instead, the replier has to cut and paste this block of text from the message he's replying to and put it in the right place in his own message. And he has to be instructed in how to do this. (Karl's script adds the instructions when it creates the return address.) This is pretty complicated. This is why Eli suggested (based on suggestions from Eric Hughes) that at least Julf's remailer be enhanced so instead of just mapping, say, an12345 to joe@foo.com, it would map to a Cypherpunks return address of the type Will is describing - a block of encrypted text. People could then have the convenience of automatic replies to an12345 along with the security of a chained address. I don't think the idea quite works in this form, since I don't see how messages to Julf get translated to an12345. Presumably only messages from one specific user should get posted under this ID (the user whose address is buried in the encrypted return address to which Julf's remailer will forward replies). Perhaps another set of commands is needed to tell the remailer what ID to use to post under. By the time you do this much I don't think that what you have bears much resemblence to Julf's current software. I am stymied in doing experimentation in this area by one fundamental problem. I do not have the power to create user ID's on any systems which I use, so I can't create pseudonym accounts. I have tried various tricks. For example, I sent mail with a "Reply-To:" of "hal@alumni.caltech.edu (Pseudonym 12345)". I hoped that if someone did a reply to this mail, it might come to me with that whole field in the "To" line, and I could then parse it for the pseudonym number. That didn't work on the particular reply mailer that I used; it stripped the comment field in parentheses. The one other idea I've had is to put something at the beginning of the Subject: line, so if the user remailed a message with a Subject: of "How's it going, Jack?" it would actually go out as "Subject: (P12345) How's it going, Jack?". Then when they reply it will probably come back as "Subject: Re: (P12345) How's it going, Jack?" or something similar, and I can parse for the (Pxxxxx). This might work pretty often but munging the Subject line is bad for news posting since a lot of news readers sort by subject line. I could put the (Pxxxxx) at the end but it might get truncated? Maybe not. I wonder if anyone knowledgable in mail systems could suggest a relatively robust way of setting up outgoing headers so that return mail will (A) come back to me (hal@alumni.caltech.edu in this case) and (B) be marked in some unique way that would let me do a pseudonym mapping. Any ideas would be appreciated. Hal Finney 74076.1041@compuserve.com