Another pax-type remailer

Yanek Martinson yanek at novavax.nova.edu
Tue Dec 22 07:04:18 PST 1992 

Forwarded message:
> Date: Tue, 22 Dec 92 15:24:12 +0200
> From: daemon at anon.penet.fi
> Message-Id: <9212221324.AA14827 at anon.penet.fi>
> To: yanek at novavax.nova.edu
> Subject: Anonymous help.
> 
> 
>               The anon.penet.fi Anonymous Server
>               ==================================
> 
> Yes, another anonymous server. Why?  Well, several well-known servers have
> bitten the dust recently. And most of them have served only a very limited
> subset of newsgroups, and mail only to "registered", anonymous users. One
> quite successful attempt at solving this problem was the server running at
> godiva.nectar.cs.cmu.edu, written and operated by Karl Kleinpaste
> <Karl_Kleinpaste at cs.cmu.edu>. Karl's software has been posted to alt.sources.
> 
> Due to reasons too complicated to mention here I wanted to set up an
> anonymous server for the scandinavian user community. I contacted Karl, and
> got a pre-release copy of his software. As the version I got relied heavily
> on the advanced features of MMDFII, I had to modify it quite a bit. While
> hacking around, I removed the restriction of only supporting selected
> newsgroups. Within a week of startup, the server had been discovered by
> transatlantic users, and more recent stats show european users are definitely
> a minority.
> 
> So what does the anon server really do? Well, it provides a front for
> sending mail messages and posting news items anonymously. As you send your
> very first message to the server, it automatically allocates you an id of
> the form anNNN, and sends you a message containing the allocated id. This id
> is used in all your subsequent anon posts/mails. Any mail messages sent to
> your-id at anon.penet.fi gets redirected to your original, real address. Any
> reply is of course anonymized in the same way, so the server provides a
> double-blind. You will not know the true identity of any user, unless she
> chooses to reveal her identity explicitly.
> 
> In the anonymization process all headers indicating the true originator are
> removed, and an attempt is made to remove any automatically-included
> signatures, by looking for a line starting with two dashes (--), and zapping
> everything from there on. But if your signature starts with anything else,
> it's your own responsibility to remove it from your messages.
> 
> There are two basic ways to use the system. The easiest way is by sending a
> message to recipient at anon.penet.fi:
> 
> 	To: alt.sex.bestiality at anon.penet.fi
> 
> 	To: an9999 at anon.penet.fi
> 
> 	To: help at anon.penet.fi
> 
> Of course, in the case of mailing to a known user, you have to use addresses of
> the form user%host.domain at anon.penet.fi, or the pretty obscure source addressing
> construct of @anon.penet.fi:user at host.domain. These constructs are not
> necessarily handled properly by all mail systems, so I strongly recommend the
> "X-Anon-To:" approach in these cases. This works by you sending a message to
> "anon at anon.penet.fi", including a X-Anon-To: header line containing the desired
> recipient. But this really has to be a field in the message header, before the
> first empty line in the message. So:
> 
> 	To: anon at anon.penet.fi
> 	X-Anon-To: alt.sex.needlework,rec.masturbation
> 
> 	To: anon at anon.penet.fi
> 	X-Anon-To: jack at host.bar.edu
> 
> Valid recipients in both cases are fully qualified user addresses in RFC-822
> format (user at host.domain), anon user id's (anNNN), newsgroup names
> (alt.sex.paperclips) or one of the "special" user names of ping, nick, help,
> admin and stat.
> 
> Sending to "ping" causes a short reply to be sent confirming (and
> allocating, if needed) your anon id. "nick" takes the contents of the
> Subject: header and installs it as your nickname. If you have a nickname, it
> appears in the From: header in the anonymized message along with your anon
> id. "help" returns this text, and stat gives some statistics about the
> system. Mail to "anon" goes directly to me unanonymized, and can be used to
> report problems. If you want to send mail to me anonymously, you can use
> "an0".
> 
> When crossposting to several newsgroups, you can list several newsgroups
> separated by commas (no whitespace) as recipients, but this only works using
> the X-Anon-To: header. References: headers do work, so they can (and should)
> be used to maintain reply threads.
> 
> Ah yes, please remember that the posting takes place at my local site, so you
> can only post to groups that are received at penet.fi. I get all "worldwide"
> groups, but various exotic local groups don't make it here. I have gotten
> a couple of comments about permitting anonymous postings to technical groups.
> I can only answer that I believe very firmly that it's not for me to dictate
> how other people ought to behave. Somebody might have a valid reason for
> posting anonymously to a group I might consider "technical". But remember
> anonymous postings are a privilege, and use them accordingly. I believe adult
> human beings can behave responsibly. Please don't let me down.
> 
> As the server was originally intended to be used by scandinavians, it
> includes support for various languages. The system makes an educated guess
> about your local language based on your top level domain. But it can
> misfire. Fortunately the server doesn't (yet) support urdu, swahili or
> basque... Ah, by the way, if you find it doesn't support your local
> language, and you want to volunteer to translate the message files, get in
> touch...
> 
> The user-id database is based on RFC822-ized forms of your originating
> address. This may cause problems for some users, either because their site
> is not properly registered in the name servers, resulting in
> non-deterministic addresses, or because their mail router doesn't hide the
> identity of individual workstations, resulting in different originating
> addresses depending on which workstation you mail from. Talk to your
> administrator. If that doesn't help, let me know, and I will make a manual
> re-mapping.
> 
> You might wonder about the sense of using a server out somewhere, as the
> song goes, "so close to Russia, so far from Japan". Well, the polar bears
> don't mind, and the ice on the cables don't bother too much :-)
> Well, in fact, as we live in a wonderfully networked world, the major delay
> is not going over the atlantic, but my local connection to the Finnish EUnet
> backbone, fuug.fi. Once you reach a well, connected host, such as
> uunet.uu.net, there's a direct SMTP connection to fuug.fi. My connection to
> fuug.fi is currently a polled connection over ISDN, soon to be upgraded to
> on-demand-SMTP/NNTP. But for now, expect a turn-around delay of 2-4 hours for
> trans-atlantic traffic.
> 
> Oh yes, then there's the question of confidentiality/security. The service
> runs on one of the 386 boxes in my back room at home, and the machine is not
> directly accessible from the internet. So the only one who can get to the
> database is myself. Well, if the police or the local Secret Service comes
> knocking at my door, with a court order to hand over the database, I might
> comply. But then I might, of course, accidentally delete the file instead of
> copying it... And maybe possibly there could be cases where, if somebody could
> come up with really hard evidence of activities such as blackmail, I could be
> persuaded...
> 
> Anyway, short of having everyone run a public-key cryptosystem such as PGP,
> there is no way to protect users from malicious administrators. You have to
> trust my personal integrity. Worse, you have to trust the administrators on
> every mail routing machine on the way, as the message only becomes anonymous
> once it reaches my machine. Malicious sysadmins and/or crackers could spy on
> SMTP mail channels, sendmail queues and mail logs. But as there are more
> than 350 messages being anonymized every day, you have to be pretty perverted
> to scan everything...
> 
> Another thing is mail failures. I've had cases of mail routers doing the wrong
> thing with % addresses, "shortcutting" the path to the destination site.
> This could cause your mail to go to the final destination without ever
> touching my server (and thus without getting anonymized). This can be avoided
> by using the X-Anon-To: method.
> 
> And if your return address bounces for some reason (nameservers down,
> temporary configuration failures etc.), the original sender and/or
> postmasters on the way might get error messages showing your true
> identity, and maybe even the full message.
> 
> And crackers are just too clever. Undoubtedly somebody is going to come
> up with some novel method....  Not much I can do about that...
> 
> If you intend to mail/post something that might cost you your job or
> marriage or inheritance, _please_ send a test message first. The software
> has been pretty well tested, but some mailers on the way (and out of my
> control) screw things up. And if you happen to find a problem, _please_ for
> the sake of all the other users, _let me know asap_.
> 
> And _please_ use the appropriate test newsgroups, such as alt.test or
> misc.test. Yes, _you_ might get excited by reading 2000 "This is a test.."
> messages on alt.sex, but I warn you that most psychologists consider this
> rather aberrant...
> 
> And remember this is a service that some people (in groups such as
> alt.sexual.abuse.recovery) _need_. Please don't do anything stupid that
> would force me to close down the service. As I am running my own company,
> there is very little political pressure anyone can put on me, but if
> somebody starts using the system for criminal activities, the authorities
> might be able to order me to shut down the service. I don't particularly
> want to find out, however...
> 
> If you think these instructions are unclear and confusing, you are right. If
> you come up with suggestions for improving this text, please mail me! Remember
> English is my third language...
> 
> Safe postings!
> 
> 	Julf
> 
> - - - ------------------------------------------------------------------- - - -
> Johan Helsingius     Kuusikallionkuja 3 B 25   02210  Espoo  Finland     Yourp
> net: julf at penet.fi   bellophone: int. +358 0400 2605  fax: int. +358 013900166
> 


--
Yanek Martinson    mthvax.cs.miami.edu!safe0!yanek     uunet!medexam!yanek
this address preferred -->> yanek at novavax.nova.edu <<-- this address preferred
Phone (305) 765-6300 daytime   FAX: (305) 765-6708  1321 N 65 Way/Hollywood
      (305) 963-1931 evenings       (305) 981-9812  Florida, 33024-5819

More information about the cypherpunks-legacy mailing list