RE: CNN.com on Remailers
One solution, which I've long advocated, is for the remailer to drop mail which has an unencrypted body after it's applied it's decryption key.
Provided this is an announced policy, substantially increases the protection of the mail and the remop. It does mean that only people capable of using encryption can receive mail via the remailer, but that's probably a *good* thing.
No, that is a terrible idea. It totally destroys the usefulness of remailers on Usenet and mailing lists. "Make your system so hard to use that no one uses it. That way, no one will abuse it!" Pshaw.
[Various discussion about spammers using crypto to use remailers. There's not much, but it's there. Encrypted-Outgoing-Only reduces the problem a lot, since there aren't many people who'll positively respond to encrypted spam :-) ] At 08:15 PM 12/19/2001 +0100, Anonymous replied to Peter Trei:
One solution, which I've long advocated, is for the remailer to drop mail which has an unencrypted body after it's applied it's decryption key.
Provided this is an announced policy, substantially increases the protection of the mail and the remop. It does mean that only people capable of using encryption can receive mail via the remailer, but that's probably a *good* thing.
No, that is a terrible idea. It totally destroys the usefulness of remailers on Usenet and mailing lists.
Obviously there are some destinations that need to be exceptions. Usenet's easy - keep track of known mail2news gateways, and any time you send mail to Usenet, you need to put lots of disclaimers about it's remailed, it's probably forged, there's no way to reply, etc. Mailing lists are tougher, because you obviously can't keep a list of them. Another way to deal with unencrypted outgoing message is to send mail saying "we've received an anonymous message for you. You can pick it up at https://myremailer.com/tempoutgoing/msg124354.txt within 7 days." or some such.
On Sat, 29 Dec 2001, Bill Stewart wrote:
Obviously there are some destinations that need to be exceptions. Usenet's easy - keep track of known mail2news gateways, and any time you send mail to Usenet, you need to put lots of disclaimers about it's remailed, it's probably forged, there's no way to reply, etc.
Certainly wise, though not popular with the remailer users (see the thread on alt.privacy.anon-server discussing the recent switch by one of the most popular mail2news gateways to this type of system, where a disclaimer is placed at the top of the message.) The simple truth is that the average user can't be expected to look at mail or news headers, though, so you need to place such things in the body.
Mailing lists are tougher, because you obviously can't keep a list of them.
What about an "opt-in" service for mailing list admins?
Another way to deal with unencrypted outgoing message is to send mail saying "we've received an anonymous message for you. You can pick it up at https://myremailer.com/tempoutgoing/msg124354.txt within 7 days." or some such.
I've thought about this before. I was concerned about the potential risks of keeping the messages in an identifiable manner on the remailer server... but if everything is encrypted, it wouldn't matter. Unfortunately, requiring everything be encrypted also limits the whistle-blower, anonymous tipster applications of these systems. Additionally, it would be nice if the major PGP implementations supported the "stealth encryption" features, too. (Yes, there's ways to make do without it...) -MW-
participants (3)
-
Anonymous via the Cypherpunks Tonga Remailer -
Bill Stewart -
Meyer Wolfsheim