Anonymous message failed (wrong password) (fwd)

Richard Johnson Richard.Johnson at Colorado.EDU
Mon Aug 1 15:23:54 PDT 1994


------- Forwarded message:
| From: daemon at anon.penet.fi
| Date: Mon, 1 Aug 94 22:15:07 +0300
| Subject: Anonymous message failed (wrong password)
| 
| The message you sent to the anonymous server could not be processed, as your
| password (in the X-Anon-Password: header) didn't match the one stored in the
| server. Either you have made a mistake, or somebody has used your account and
| changed the password. If the latter is the case, please contact
| admin at anon.penet.fi.

Julf -

You need to add something to that message.  I made no mistake, and no-one
has changed my password.  I simply mailed to a mailing list that has an
anXXXXX at penet.fi address subscribed.  Your service is too insecure to
notice :-), and automatically 'out's anyone who unknowingly posts to such
a list.  All someone has to do is subscribe via an anon ID, and via a
non-anon ID, then compare messages to associate anon IDs with regular
addresses.

How about adding: "Either you mailed to a list to which an anonymous ID
has been subscribed, you have made a mistake, or...."

I'd also strongly suggest that you stop automatically allocating anon IDs
for folks who don't mail directly to your service.  Perhaps you could
reduce the load on your machine (and increase user security) by sending
directly to the bit-bucket any messages where the Sender: and From:
headers don't at least come from the same domain?
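
The Sender:/From: check suggested in the message above, sketched as an added example (not part of the original post and not the anon.penet.fi server's code). The function names, the "process"/"discard" labels, the exact-match domain comparison and the sample messages are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import parseaddr


def header_domain(msg, name):
    """Return the lowercased domain of the address in header `name`, or None."""
    value = msg.get(name)
    if value is None:
        return None
    _, addr = parseaddr(value)
    if "@" not in addr:
        return None
    return addr.rsplit("@", 1)[1].lower().rstrip(".")


def classify(raw):
    """Return 'process' for direct mail, 'discard' for relayed (list) mail."""
    msg = message_from_string(raw)
    from_dom = header_domain(msg, "From")
    if from_dom is None:
        return "discard"      # no usable author address
    if msg.get("Sender") is None:
        return "process"      # no relay marker: treat as mailed directly
    # Sender: present. A list exploder sets it to its own address, so a
    # domain mismatch means the author never mailed the service directly:
    # allocate no ID and send the author no reply.
    # Assumption: exact host-part match; a real filter might compare
    # organizational domains instead.
    return "process" if header_domain(msg, "Sender") == from_dom else "discard"


# Constructed sample messages (example domains, not real traffic).
DIRECT = ("From: Alice <alice@cs.example.edu>\n"
          "To: service@remailer.example\n\nhello\n")
VIA_LIST = ("From: Alice <alice@cs.example.edu>\n"
            "Sender: owner-list@lists.example.org\n"
            "To: list@lists.example.org\n\nhello\n")
SAME_DOMAIN = ("From: alice@cs.example.edu\n"
               "Sender: Secretary <sec@CS.Example.EDU>\n\nhello\n")

if __name__ == "__main__":
    for label, raw in (("direct", DIRECT), ("via list", VIA_LIST),
                       ("same-domain sender", SAME_DOMAIN)):
        print(label, "->", classify(raw))
```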





