At 07:45 PM 10/20/95 +0100, "Rev. Mark Grant" <mark@unicorn.com> wrote:

...

"You have a piece of mail awaiting at our mail delivery service. The originator is unknown. The title of the message is "Tentacles of Medusa Must Die!" You may retrieve this message by replying to this notification with the word "Yes" anywhere in the Subject field. This message will be kept for 60 days and then deleted."

I suspect that I could easily hack this into Mixmaster in a day or two, but wouldn't it open you to attacks where Anonymous Fed, say, sends terrorist kiddy-porn through your remailer and busts your ISP during those 60 days for possession ? I'm not sure if it would be better or worse than current setups from that point of view.

One way to deflect this attack is to encrypt the message for storage using a symmetric-key algorithm with a randomly generated session key, and send the session key to the recipient with the notification. You still have 300 MB of planted kiddy-terrorist narcopornography on your machine, but it's encrypted and you can happily tell the judge that you _can't_ decrypt it because you don't have the key. The Feds _could_ get the keys by eavesdropping on your outgoing correspondence or using your system to send the material to themselves (or a conveniently employed child), but at least you're not storing it in plaintext. More of a problem with this system is that it's only useful for terminal remailers; to use it in the middle of a chain, the next remailer would need to be configured to auto-accept such messages, or else your remailer would need to have a list of known remailers and use direct delivery for all mail sent to them. #--- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com # Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281 #---