[is cypherpunks down again? Haven't seen any traffic in 24 hours...] : From: ghio@kaiwan.com (Matthew Ghio) : Newsgroups: alt.anonymous,alt.privacy.anon-server,alt.current-events.net-abuse : Subject: My anonymous remailer : For the second time in one week someone has again mailbombed my remailer. : Last weekend it was the infamous Detweiler, and now some lamer from ysu.edu : just mailbombed someone on one of the freenets by sending copies the same : post from comp.binaries.mac over and over... I guess the freshmen have : arrived early this year. : Maybe it is just coincidence but I am starting to get somewhat pissed off. : I've been running anonymous remailers for quite a while now and have never : had to deal with crap like this. As the remailer is a vaulable service for : many people, I don't want to shut it down or start putting burdensome : restrictions on its use... Suggestions appreciated. I've been pondering this for some time. I think it's time to try a new experiment in anonymous remailing. I think that all remailers should close down, then open up with new addresses and a single shared new policy... the new policy being that each individual remailer will do his best to 'out' all posters - complete disclosure, log files available, posts available, summaries show up via finger etc etc. Give *us* the same access to the info that the LEAs have, and let us try to work out who is posting what. This puts the onus on the posters to use the encryption and chaining features, and on us to generate our spoofing traffic and delay mail and whatever else it takes to foil traffic analysis. Also, we automatically bounce submissions in plaintext at the point of entry - the only cleartext should be at the point of exit (and not even that if it's personal mail rather than news postings). And we should not guarantee service. Postings can get lost for whatever reason. If someone wants to kill postings in cleartext at the point of delivery to newsgroups or mailing lists, let them. That should stop the Detweilers and place the responsibility of abusing the remailers on the shoulders of the remailer operators. If an abusive posting is sent to news from remailer X, it's clear remailer X was the one that passed it on and had the cleartext available. And with a new policy of outing everyone automatically, people *know* we'll read the cleartext at the point of delivery. This seems to me more consistent with the cypherpunk ideal of users securing their own privacy, rather than trusting someone. G