The moderator to alt.whistleblower, instead of a person's mail address, could be a mail alias which invokes a header field stripper. That way it would be impossible to post to the group with your identity in the header. Every posting anonymous! Sort of like a mathematical dual of alt.forgery.
I would also suggest a periodic posting explaining exactly how secure that is. (Proof against casual attack, but not against local or global network monitoring.)
It seems easy enough. I'd do it myself if I had root anywhere. The perl scripts for remailing would be easily hacked. You could even retain the automatic PGP decryption for the more informed, the more paranoid.
Well, I hereby volunteer anon.penet.fi for such use. I already have the posting stuff in place, and .fi is outside US jurisdiction.... It would be a one-line hack to disable the anon id generation for posters to that group... So the security concerns re anon.penet.fi mentioned on this list wouldn't apply... Now I only have to get PGP up on the damned Interactive UNIX... Or switch to bsd/386 or something... Julf (admin@anon.penet.fi)