I wonder if this is also old hat to you people. If it turns out to be another FAQ, I promise to read some.
It is. The rumor of remailers being run by US authorities can be tracked down to statements by Paul Strassmann of the National Defense University and William Marlow of SIAC made at a Harvard conference. The Austrian jurist Viktor Mayer-Schoenberger reported in February 1996: | Both presenters explicitly acknowledged that a number of anonymous | remnailers in the US are run by government agencies scanning | traffic. Marlow said that the government runs at least a dozen | remailers and that the most popular remailers in France and Germany | are run by the respective government agencies in these countries. However, there has never been any remailer in France, and at that time, there was no remailer in Germany. It is certainly not true that dozens or even "all the e-mail anonymiser services" in the US are run by government agencies. Strassmann and Marlow later claimed that they had been quoted "out of context". They wrote, "We have no specific knowledge of any particular agency of any government offering remailers services. Whether or how they use remailers is not known to us. Online users just need to be 'aware of the risks.'" But unfortunately rumors are hard to stop. Anyway, the possibility that some remailers may be compromized is part of the threat model, and Mixmaster has been designed to be secure as long as there is one honest remailer in your chains. More information: http://caq.com/CAQ57Sniff.html http://catless.ncl.ac.uk/Risks/ (search for Strassmann Marlow) About the Mixmaster design: http://www.obscura.com/~loki/remailer/remailer-essay.html
The extortionist was sending the notes via e-mail, using what the professor referred to as "e-mail anonymiser servers" in the US.
It seems he in fact used a service like hotmail.