CDR: Re: Re: Anonymous Remailers cpunk

Neil Johnson njohnson at interl.net
Tue Oct 3 18:33:43 PDT 2000


Checking the first 20 bytes just means the spammer will just add 20 bytes of
junk to the start of their message.

Spammers unfortunately, can be pretty smart, look at all the work they will
do to cull addresses from newsgroups and mail lists, even looking for
"mailto:fred at NOSPAM.fff.com (Remove NOSPAM to send me a message)" type
addresses.

Better to have it run the message through the encryption program (PGP or
Mix) somehow to see if it is a well formed (contains valid packets).

Of course that means restricting users to PGP or other standard encryption
systems

(I can see it now, all SPAM will arrive starting with "------ BEGIN PGP
ENCRYPTED MESSAGE ----")

:)

I always liked the proposal of using crypto to force users pay money to have
the message sent, then be refunded if the recipient feels the message was
worthwhile.

Neil M. Johnson
njohnson at interl.net
http://www.interl.net/~njohnson
PGP Key Finger Print: 93C0 793F B66E A0C7  CEEA 3E92 6B99 2DCC

----- Original Message -----
From: "Steve Furlong" <sfurlong at acmenet.net>
To: "Multiple recipients of list" <cypherpunks at openpgp.net>
Sent: Tuesday, October 03, 2000 5:22 PM
Subject: CDR: Re: Anonymous Remailers cpunk


> <<Proposal to limit spam sent through anon remailers by requiring that
> the traffic be encrypted>>
>
> Jim Choate wrote:
> >
> >> <<Jim wrote that there was no good way to tell if the message was
encrypted>>
> >>
> > On Tue, 3 Oct 2000, Steve Furlong wrote:
> >
> > > Why not just read the first 20 bytes of the body? If 90% or more
aren't
> > > printable ASCII assume the message is encrypted.
> >
> > So, how come all of a sudden we're injecting algorithms that the users
> > must know to even access the network? What sort of regulatory mechanism
is
> > required to mediate changes to the process?
>
> Perhaps we're talking at cross purposes. This subthread came along
> because some people have noticed that anonymous remailers are used for
> an awful lot of spam. Peter Trei proposed that remailers could pass
> along only encrypted mail. My understanding was that Alice, the
> message's author, would encrypt the message with Bob's public key; Bob
> is the end recipient: a person or a mailing list or whatever. Alice
> would send the message through Ramona, the anonymous remailer. Ramona is
> requiring that messages be encrypted as a means of filtering out spam.
> Ramona does not need to know Bob's public or private keys; Ramona cares
> only that the message is encrypted.
>
> I'm assuming there's a way to tell with minimal difficulty if a message
> is encrypted, without relying on an easily-spoofed X header line.
> Perhaps someone who knows more about all of the many message protocols
> can weigh in here.
>
>
> > So, we can't send uuencoded text to guard against ASCII-pure (i.e.
7-bit)
> > machines? Why not? I actualy prefer that sort of stuff because as a last
> > resort I can check it visualy for errors.
>
> You could uuencode your original message before encrypting it. You're
> right, there could be a problem if one of the boxes in the chain handled
> only 7 bits. Is that a realistic problem anymore? (That was a serious
> question, not a dig.)
>
>
> > A remailer should do NO content checking, ever. It's ONLY job is to
route
> > and destroy traffic analysis.
>
> This would be an additional service for the recipients, filtering out
> probable spam. It might be a minor inconvenience for Alice. On a
> message-by-message basis it could be a minor inconvenience for Bob, but
> if Bob had been receiving a lot of spam through the remailer it'd be a
> neg gain. It'd be a huge inconvenience for Sue, the spammer, as
> intended.
>
> --
> Steve Furlong, Computer Condottiere     Have GNU, will travel
>    518-374-4720     sfurlong at acmenet.net
>
>





More information about the cypherpunks-legacy mailing list