As an aside, all this talk about anonymous remailers is intriguing. Does anyone know with certainty what happens at the remailer site, within the software process of stripping headers and the likes, where the original sender of the message could be tracked? SENDMAIL logs, etc.?
Well, I recently checked the syslog file (found in /usr/spool/mqueue) on rosebud, and it contains entries like this:

Aug 7 17:40:17 rosebud sendmail[24780]: AA24780: from=elee7h5, size=6544, class=0
Aug 7 17:40:19 rosebud sendmail[24781]: AA24780: to=[deleted] delay=00:00:02, stat=Sent, mailer=tcp, host=[deleted]
Aug 8 10:19:41 rosebud sendmail[24816]: AA24816: message-id=<[deleted]>
Aug 8 10:19:41 rosebud sendmail[24816]: AA24816: from=<[deleted]>, size=618, class=0
Aug 8 10:19:41 rosebud sendmail[24817]: AA24816: to="|/users/emlab/elee7h5/remail/slocal.pl", delay=00:00:01, stat=Sent, mailer=prog, host=

(I deleted out the addresses that were actually there.) Unfortunately, I can't erase the syslog file or turn sendmail logging off. Some things that would help foil traffic analysis would be to file all incoming mail in a directory, and then mail it out randomly in the early hours of the morning. Or, hop your mail around a bit more.
What would be preferable, in an ideal scenario, would be that all traces of the incoming message were discarded altogether. In this fashion, the operator of the remailer would be less likely to be "persuaded" to divulge the originator(s) of messages, if found in such a precarious position.
Ah, I have some bad and good news about my remailer elee7h5@rosebud.ee.uh.edu. A friend has loaned me his account, and in the course of setting up a remailer which uses RIPEM instead of PGP (some folks have requested this - and it should be up RSN :-), I tried to log into my account to fix the sendmail invocation option to -oi and recompile perl to include flock() support. I found my password had been locked! Actually, I've been expecting this to happen - you see, I'm through with UH and am going to Rice from now on. Rosebud is a workstation in the grad group I used to be in, and since I'm no longer a student, I figured this would happen sooner or later. BUT, it is a precedent that old students' directories are kept around, with logins disabled. I've tested the remailer, and it still responds, so hopefully it will run quietly for many more months/years :-) That was the bad news: I can't log into it to fix things, or check bounced mail, etc. But this is good news as well: bounces and errors are dropped, the remailer works automatically and I can't disable it :-) In fact, I have a pretty good excuse if ever somebody "abuses" the remailer... I can't do anything about it, heh :-)
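An added example, not from the thread, to show what the syslog format quoted above lets anyone holding the file reconstruct: a Python parser that merges sendmail's per-queue-id fragments and pairs each message piped into the remailer script with the message the remailer account sent out moments later, which is the one-hop link that batching or random delays are meant to break. The sample lines and every address in them are constructed; the account name and script path follow the quoted entries.

```python
import re
from datetime import datetime

# Constructed sample in the syslog format quoted above; every address is invented.
SAMPLE_LOG = """\
Aug 8 10:19:41 rosebud sendmail[24816]: AA24816: message-id=<abc@origin.example>
Aug 8 10:19:41 rosebud sendmail[24816]: AA24816: from=<alice@origin.example>, size=618, class=0
Aug 8 10:19:41 rosebud sendmail[24817]: AA24816: to="|/users/emlab/elee7h5/remail/slocal.pl", delay=00:00:01, stat=Sent, mailer=prog, host=
Aug 8 10:19:44 rosebud sendmail[24820]: AA24820: from=elee7h5, size=601, class=0
Aug 8 10:19:46 rosebud sendmail[24821]: AA24820: to=bob@dest.example, delay=00:00:02, stat=Sent, mailer=tcp, host=dest.example
Aug 8 11:02:10 rosebud sendmail[24901]: AA24901: from=<carol@other.example>, size=700, class=0
Aug 8 11:02:11 rosebud sendmail[24902]: AA24901: to=elee7h5, delay=00:00:01, stat=Sent, mailer=local, host=
"""

LINE_RE = re.compile(r"^(\w{3}\s+\d+\s+\d\d:\d\d:\d\d) \S+ sendmail\[\d+\]: (\w+): (.*)$")
KV_RE = re.compile(r'([\w-]+)=("[^"]*"|<[^>]*>|[^,]*)')
REMAILER_USER = "elee7h5"  # local account the remailer runs under, per the message above


def parse_log(text):
    """Merge the fragments sendmail logs per queue id (AA24816 etc.) into one record each."""
    queues = {}
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        when = datetime.strptime(m.group(1), "%b %d %H:%M:%S")  # syslog omits the year
        rec = queues.setdefault(m.group(2), {"first": when, "to": []})
        for key, val in KV_RE.findall(m.group(3)):
            val = val.strip('"<>')
            if key == "to":
                rec["to"].append(val)
            elif val:
                rec[key] = val  # from, size, message-id, mailer, host, delay, stat
    return queues


def link_remailer_hops(queues, window=60):
    """Pair a message piped into the remailer script (mailer=prog) with the message the
    remailer account sent out over TCP within `window` seconds: (sender, recipient, gap)."""
    inbound = [r for r in queues.values() if r.get("mailer") == "prog" and "from" in r]
    outbound = [r for r in queues.values()
                if r.get("from") == REMAILER_USER and r.get("mailer") == "tcp"]
    links = []
    for ri in inbound:
        for ro in outbound:
            gap = (ro["first"] - ri["first"]).total_seconds()
            if 0 <= gap <= window:
                links.append((ri["from"], ro["to"][0], int(gap)))
    return links
```

The ordinary local delivery to the account (AA24901, mailer=local) is correctly left unlinked; widening `window` to cover a batching delay shows how much of the correlation the operator's suggested random-hour dispatch would still leave.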
On most UNIX systems, nothing prevents an ordinary user (one without the root password) from writing his/her own program for sending mail to a remote site with SMTP/TCP/IP; there's no requirement to go through the normal sendmail queue. Incoming mail is a different story, but at least you can keep the outgoing half of your traffic from being logged. Phil
Why write your own problem? Get the sendmail sources from any number of ftp sites, modify them a little, recompile, and use your own sendmail instead of your OS's for delivery. Then, you can keep limited logs for debugging in a place you can delete them when you're done. The only catch is that running as you instead of root, you can't listen on port 25. Marc
Two problems:

1) Aren't telnets logged, at least at the site you telnet to? If I "telnet xxxx smtp", doesn't the site I telnet to have it in a log? I can't control that, and that could identify me.

2) Sendmail (at least on our system) drops mail into a queue owned by root, and inaccessible to anyone else. So without root privs your sendmail may not function. (I know because I've tried.)

I'm no UNIX guru, just a hacker, so if someone knows more by all means correct me.

Peter Breton pbreton@cs.umb.edu PGP key by finger
You don't use the system telnet, you write your own socket application. No UNIX systems I know log at this level, but it is certainly possible. Or someone could record packets off the local Ethernet. There's not much you can do about this. You could hack up a copy of sendmail, but SMTP is so trivial that you could do it yourself, especially since the functionality you need is so limited. Phil
Phil Karn says:
You don't use the system telnet, you write your own socket application. No UNIX systems I know log at this level, but it is certainly possible. Or someone could record packets off the local Ethernet. There's not much you can do about this.
You could hack up a copy of sendmail, but SMTP is so trivial that you could do it yourself, especially since the functionality you need is so limited.
Indeed, writing an SMTP agent in Perl is quite trivial -- I've done it. Perry
participants (5)
- Karl Barrus
- karn@qualcomm.com
- Marc Horowitz
- Perry E. Metzger
- Peter Breton