Anonymous message failed (wrong password) (fwd)
------- Forwarded message:
| From: daemon@anon.penet.fi
| Date: Mon, 1 Aug 94 22:15:07 +0300
| Subject: Anonymous message failed (wrong password)
|
| The message you sent to the anonymous server could not be processed, as your
| password (in the X-Anon-Password: header) didn't match the one stored in the
| server. Either you have made a mistake, or somebody has used your account and
| changed the password. If the latter is the case, please contact
| admin@anon.penet.fi.

Julf -

You need to add something to that message. I made no mistake, and no-one has changed my password. I simply mailed to a mailing list that has an anXXXXX@penet.fi address subscribed.

Your service is too insecure to notice :-), and automatically 'out's anyone who unknowingly posts to such a list. All someone has to do is subscribe via an anon ID, and via a non-anon ID, then compare messages to associate anon IDs with regular addresses.

How about adding: "Either you mailed to a list to which an anonymous ID has been subscribed, you have made a mistake, or...."

I'd also strongly suggest that you stop automatically allocating anon IDs for folks who don't mail directly to your service. Perhaps you could reduce the load on your machine (and increase user security) by sending directly to the bit-bucket any messages where the Sender: and From: headers don't at least come from the same domain?
Richard Johnson
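
The filtering rule suggested in the message above, sketched as an added example (not code from the original post or from the anon.penet.fi service). The function names, the constructed sample messages, and the choice to treat mail with no Sender: header as direct mail are assumptions.

```python
from email import message_from_string
from email.utils import parseaddr


def header_domain(msg, name):
    """Domain of the address in header `name`; None if absent, "" if unparsable."""
    value = msg.get(name)
    if value is None:
        return None
    _, addr = parseaddr(value)
    local, sep, domain = addr.rpartition("@")
    if not (local and sep and domain):
        return ""
    return domain.lower().rstrip(".")


def triage(raw):
    """Return 'process' or 'discard' for an inbound message.

    The decision is made before any anonymous ID would be allocated, so
    list-relayed mail never creates or exposes an ID mapping.
    """
    msg = message_from_string(raw)
    from_dom = header_domain(msg, "From")
    sender_dom = header_domain(msg, "Sender")
    if not from_dom:
        return "discard"          # no usable From: address
    if sender_dom is None:
        return "process"          # assumption: no Sender: means direct mail
    if sender_dom != from_dom:
        return "discard"          # relayed by a list or other third party
    return "process"


# Constructed sample messages (addresses are placeholders, not real accounts).
DIRECT = ("From: Alice <alice@example.edu>\n"
          "To: an00000@anon.example\nSubject: test\n\nbody\n")
VIA_LIST = ("From: Alice <alice@example.edu>\n"
            "Sender: owner-somelist@lists.example.org\n"
            "To: somelist@lists.example.org\nSubject: test\n\nbody\n")
SAME_DOMAIN = ("From: Alice <alice@example.edu>\n"
               "Sender: mailer@EXAMPLE.EDU\nSubject: test\n\nbody\n")

if __name__ == "__main__":
    for label, raw in [("direct", DIRECT), ("via list", VIA_LIST),
                       ("same domain", SAME_DOMAIN)]:
        print(label, "->", triage(raw))
```
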