-----BEGIN PGP SIGNED MESSAGE-----
As an aside, all this talk about anonymous remailers is intriguing. Does anyone know with certainty what happens at the remailer site, within the software process of stripping headers and the likes, where the original sender of the message could be tracked? SENDMAIL logs, etc.?
Well, I recently checked the syslog file (found in /usr/spool/mqueue) on rosebud, and it contains entries like this: Aug 7 17:40:17 rosebud sendmail[24780]: AA24780: from=elee7h5, size=6544, class=0 Aug 7 17:40:19 rosebud sendmail[24781]: AA24780: to=[deleted] delay=00 :00:02, stat=Sent, mailer=tcp, host=[deleted] Aug 8 10:19:41 rosebud sendmail[24816]: AA24816: message-id=<[deleted]> Aug 8 10:19:41 rosebud sendmail[24816]: AA24816: from=<[deleted]>, size=618, class=0 Aug 8 10:19:41 rosebud sendmail[24817]: AA24816: to="|/users/emlab/elee7h5/remail/slocal.pl", delay=00:00:01, stat=Sent, mailer=prog, host= (I deleted out the addresses that were actually there.) Unfortunately, I can't erase the syslog file or turn sendmail logging off. Some things that would help foil traffic analysis would be to file all incoming mail in a directory, and then mail it out randomly in the early hours of the morning. Or, hop your mail around a bit more.
What would be preferrable, in ideal scenario, would be that all traces of the incoming message was discarded altogether. In this fashion, the operator of the remailer would be less likely to be "persuaded" to divulge the originator(s) of messages, if found in such a precarious position.
Ah, I have some bad and good news about my remailer elee7h5@rosebud.ee.uh.edu. A friend has loaned me his account, and in the course of setting up a remailer which uses RIPEM instead of PGP (some folks have requested this - and it should be up RSN :-), I tried to log into my account to fix the sendmail invocation option to -oi and recompile perl to include flock() support. I found my password had been locked! Actually, I've been expecting this to happen - you see, I'm through with UH and am going to Rice from now on. Rosebud is a workstation in the grad group I used to be in, and since I'm no longer a student, I figured this would happen sooner or later. BUT, it is a precedent that old student's directories are kept around, with logins disabled. I've tested the remailer, and it still responds, so hopefully it will run quietly for many more months/years :-) That was the bad news: I can't log into it to fix things, or check bounced mail, etc. But this is good news as well: bounces and errors are dropped, the remailer works automatically and I can't disable it :-) In fact, I have a pretty good excuse if ever somebody "abuses" the remailer... I can't do anything about it, heh :-) -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLGZ3o4OA7OpLWtYzAQFd1AQAmOhpr0bkdEKptxmqRsCJ+5KfRacL8JFF Xq1ehVSa7Q7UPeqfoNRVpDpWljyajKiJ5DZElhUPHiDJbTD9GZzoP0w9+SPQqB6D Ar6nS1kt0BptEUoNC5aLDsFyOBx3f7pZg+7YfcBHs10hVybQUNIzGs+g9YWt+CtB GXZV17GOzlY= =BV0/ -----END PGP SIGNATURE-----