I am surprised there isn't a widely agreed upon codification of remailer operator ethics for handling abuse cases. Perhaps there is, and I would appreciate someone pointing me to it. I am not presently on cypherpunks, so please include me in the replies. Here is the situation. homer@rahul.net runs with header logging on, it contains, From: To:, Date: and Subject. rahul.net also keeps syslog files for a week, and makes them public to those on rahul.net. B writes me saying he is the 'admin of a listserv' and complains that someone is abusing his list with postings through my remailer. He wants the name and e-mail of the abuser to 'talk to him personally'. Clearly I should not give out the name of a remailer user (if I know it) unless ordered to by a court order. Thus his request is, on the surface of it, absurd. In this case the alleged abuser, A, did not chain his posting so my logs clearly show who it is. Clearly I am always going to know the To: of an abuse because the complaint comes to me from or about that address. If the abuser only uses one remailer, then I am clearly going to know the From: line also, as it is right there in the header logs or rahul.net syslog files (same thing.) If the abuser chains and a complaint comes to me, all I will know about the From: line is that it came from another remailer. However now that I know his name and e-mail, if I get another complaint about him, and he has wised up and started chaining, I could pass his name onto the prior remailer before mine, and that remailer could do the same, until it came back to the first remailer on the chain who could take action. This however would piss off a lot of remailer operators. But now what action is appropriate? Well giving A's name to B is out of the question without a court order, right? Blocking the To: line, namely the abused party, is extreme as that blocks others from posting to that list or group, unless the list or the group wishes to have no anon messages. In which case I probably might consider blocking the end recipient. Blocking the From: line, will stop all further postings from that person, which is fitting if indeed he is 'abusing' people, but he will merely start posting through other remailers, who will then have to go through the same procedure. Perhaps there is some justification then for remailer operators sharing blocked From: lines with each other, that might be a good idea. But who is to decide what is or is not abuse? Surely I can't let others tell me that they have been abused without even reading the message, I have seen it happen all to often that parties claim they are being abused when they are merely being exposed and rightly so. On the other hand, since I am responsible for my own little corner of the net, if something happens that I consider abuse, I certainly have a right to put an end to it if I can. Some questions: Does any single recipient have the right to demand that they be blocked from all anon messages. I would say yes. How about demanding blocking anon messages only from some senders? That is harder to implement. If you block the sender, you block ALL his postings, not just to that party. So you would need to block specific From: and To: combinations. This would not work with chaining at all, even if we did share blocking information. So that is out. Does a list owner have the right to demand blocking to his list, with or without a vote of the list readers? I would say yes. What about a newsgroup? I would say it takes a vote. Are anon voites allowed? Touchy question that was important at one time on alt.r.scientology. Anyhow I would guess that the correct action here is to write the offender and let him know a complaint has been registered against him. I would also educate him as to why he was so easily traced and tell him that if he wants to avoid such in the future to start chaining. However if he is a determined abuser not prone to social embarassment, then the sharing of blocking among remailer operators might become a very good idea. I don't know how you seasoned reops feel about abuse, jpunix went out of business for want of an effective way to deal with it. I think part of the answer is in close cooperation. This might help keep the abuse down, and raise the reputation of reops so that people begin to think of us as responsible service providers rather than anarcho terrorists. However I am very new to this field, so I may have my head stuck up my ass, and I would like to hear back from you on your ideas. Homer Wilson Smith homer@rahul.net