[ot][spam] remailer notes

Undescribed Horrific Abuse, One Victim & Survivor of Many gmkarl at gmail.com
Tue Nov 22 15:10:30 PST 2022


I’m reading some of
http://www.faqs.org/faqs/privacy/anon-server/faq/use/ . At the moment
I’ve read through part3 (but ended up taking notes through the end).
I’ve also read a couple list posts.

- the faq is considered out of date by many years
- there are paid remailer networks people use
- a lot of activity regarding windows machines
- running a remailer takes a little upkeep
- send test messages to alt.test or misc.test
- cypherpunk or type I remailers accept commands and forward messages
- they can be crafted in a text editor [1]
- commands also accepted in subject line:
	Subject: remailer-key
	Subject: remailer-conf
	Subject: remailer-help
	Subject: remailer-stats
- mixmaster or type II remailers perform onion routing and obfuscation
- mixmaster remailers are used with client software rather than manually
part 4:
- the security of a remailer node relies on its secure administration;
hence encrypted hops
- the remailer people experienced traffic analysis attacks
- at the time of writing of the faq, four newer projects were listed:
WOF <http://www.bigfoot.com/~potatoware/wof/>,
RadioClash <http://piratech.net/radioclash/>, Publius
<http://www.cs.nyu.edu/~waldman/publius/>, Freenet
<http://freenet.sourceforge.net/>
- “middleman” remailers always add an additional hop if one is not provided
- using multiple hops is called “chaining”
- for the message to be hidden from basic node and network operators,
it must be both encrypted and chained
- manual chaining for old type I remailers instructions pasted at [2]
- mail2news gateways forward emails to newsgroups nonanonymously
- remailers can do this with command: Anon-Post-To: misc.test
- mail2news gateways respond to subject line commands: “help” “group”
“list RE” where RE is a regexp
- mail2news group list replies may leave out many groups actually supported
- remailers can barf when too many email headers accumulate
- you can abuse open smtp relays to forward mail by checking abuse
watch sites, faq explains this (people were probably asking about it,
crackers hide this way)
part 5 explains remailers’ stats pages
part 6:
- learn pgp
- major remailer clients included quicksilver (windows) and mixmaster
(cross-platform)
- i searched the list. a newer remailer is yamn (golang):
https://sec3.net/yamnhelp/ https://github.com/crooks/yamn crook is his
last name. also omnimix on windows: https://www.danner-net.de/om.htm .
there’s a newer mixmaster (last update 2021) too:
https://github.com/merkinmuffley/mixmaster4096
part 7
- nym servers let you send with a name and reply-to address by
registering with them
- nym servers don’t need to know who you are.
- nym commands must begin with “Config:”
- you can configure a nym server to send replies to alt.anonymous.messages
- the replies encrypt information to your private key for identification [3]
- remember to rotate all keys regularly
- usage problems are usually from broken material: nonresponding
remailers, nonworking reply blocks. verify each part of config.
part 8
- delay time can be set with Latent-Time: +0:00
- sometimes it can take days for a message to go through, but usually
this is due to understandable/comprehensible network details
- messages can also be dropped for a number of reasons [4]



1:
============
::
Anon-To: news.reporter at nbc.com
Latent-Time: +0:00

##
Subject: My Company Dumps Toxic Waste

I'm writing this anonymously because I don't want to lose my job.
My company has, for the past three years...
============

The above message is cut and paste into PGP and encrypted with the
chosen remailer's key, say gretchen at neuropa.net

============
-----BEGIN PGP MESSAGE-----
Version: PGP 2.6x

hQCMA8asoPEC0e2BAQP9GqR2aXNOstRq8eJW2QVubioR0gO7Ue0AOL/rFdnxXknC
YPpe2X2TKlcvd961+lhe9w2Y8vo3JcBYYBifTJRwmMjnXLagCU4Mhh0VZtk/QXMZ
/FLeJWi67qsb45a2mNw0/Q8eXHKfOQyHcmEQ7cg/bq4Xz6LusfxBHF8zsojVOgal
8RVRtr9drjBlOzJvWxaq7LrKidME6q0tM7pRiLN5dvVBon2NKlmpJI6vAFjyi8ma
f5Bg6Zor+PMxcm3EmuWbjLEiOu5USrTgU4OiaC7PHF9INxwXuKmdNz/JprgOc0c6
6s6RvbOo6rsvlwqPKw==
=ICz/
-----END PGP MESSAGE-----
=============

Finally, the user has to append a directive to the top of the
encrypted message, making it look like this:

============
::
Encrypted: PGP

-----BEGIN PGP MESSAGE-----
Version: PGP 2.6x

hQCMA8asoPEC0e2BAQP9GqR2aXNOstRq8eJW2QVubioR0gO7Ue0AOL/rFdnxXknC
YPpe2X2TKlcvd961+lhe9w2Y8vo3JcBYYBifTJRwmMjnXLagCU4Mhh0VZtk/QXMZ
/FLeJWi67qsb45a2mNw0/Q8eXHKfOQyHcmEQ7cg/bq4Xz6LusfxBHF8zsojVOgal
8RVRtr9drjBlOzJvWxaq7LrKidME6q0tM7pRiLN5dvVBon2NKlmpJI6vAFjyi8ma
f5Bg6Zor+PMxcm3EmuWbjLEiOu5USrTgU4OiaC7PHF9INxwXuKmdNz/JprgOc0c6
6s6RvbOo6rsvlwqPKw==
=ICz/
-----END PGP MESSAGE-----
============

The user then mails the above encrypted message (double colons and
all) NOT to the intended recipient but instead to the remailer's
address: <gretchen at neuropa.net>. This arrives at the remailer where it
is eventually processed, decrypted and mailed to
<news.reporter at nbc.com> appearing to have come from "Anonymous"
<nobody at neuropa.net>.



2:
-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 8 Aug 2001, Anonymous <remailer at remailer.xganon.com> wrote:

[SNIP]

>Now I want to use a chain of remailers? How do I do this? I'm
>guessing I should somehow encrypt the message using all the keys of
>the remailers in the chain? And if I send the message to the first
>remailer in the chain, how do I let that remailer know to send it to
>the next one? If someone could either tell me how to do this, or
>direct me toward an information source explaining this, I'd
>appreciate it.

Chaining messages is achieved by repeating the encryption steps.
Taken as an example, chaining through two remailers thus,
You -> A -> B -> Recipient

You start off with your message and prefix with


::
Anon-To: <recipient at somewhere>

##
Subject: <some text>

<MESSAGE>


You then encrypt this with the key of the remailer B, and prefix it with


::
Anon-To: <Remailer-B at somewhere>

::
Encrypted: PGP

<PGP MESSAGE>


You take this and encrypt it with the key of remailer A, and prefix with


::
Encrypted: PGP


and now send it to remailer A.

What happens then is that remailer A takes the message, decodes it, and
sends it to remailer B. Remailer B decodes it and sends it to the
recipient.


Doc.
- --
The bigger the humbug, the better people will like it.
~ Phineas Taylor Barnum.                              http://vmsbox.cjb.net

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBO3By8sriC3SGiziTAQH4Cwf+JSwjLQcPtVbNAOKB28NBdA+yLLWYflmB
bjpH3nzDyV0TUEEiRH7gdancM8CuMk4n+5D+hWCHIyFoaR93/BuGdft9s8xuPi8M
nzSzPO4pFht8NTzhkkrn9iUcJWgh+fFNfBvWtjDCLs6qdxoQwTUI9N0ioceAlK1S
vk78pYdZ9srxCEr5sCyuAR56wRq0Sa81SDePOcYz48FrRR51Zdoe/cu3Hu4AYeY5
wpC5J59U0BIVb9xnt9zBR7I3aQZArFffZ2G6vdEHDnVulY5hpXjenEgUCUjFH+da
bCD6dCOVtPxYvFbo9mmMY6spiDwfeaOXzniFdFvqdrbADycW2s7qiw==
=3VgO
-----END PGP SIGNATURE-----



3: According to the Reliable User's Manual, the "random" strings of
numbers and letters which appear in the "Subject:" line are encrypted
MD5 hashes of the final "Subject:" line.  That is, the remailer client
calculates an MD5 hash from the "Subject:" line (which might be, e.g.,
"ATTN: Dave") in the final or hash headers (below the "##").  This MD5
hash that results from this calculation is likely to be unique to that
particular "Subject:" line.  The remailer client then encrypts the MD5
hash using conventional (symmetric) encryption, specifically IDEA.
The encryption and decryption key is the passphrase given for the
"Encrypt-Subject:" directive.



4:
Subject: [FAQ 8.2] Why didn't my email/post make it through?

+ Your message may have just been lost in the network for any number
of reasons. It does happen. The system isn't 100% reliable.

+ You are using broken chains or stale remailer keys.

+ Your source address or domain is being blocked by the first remailer
in your chain.

+ Your destination address, domain, or newsgroup is being blocked by
the last remailer in your chain.

+ The Usenet group you are posting to is not available on the news
server or gateway being used by the last remailer in your chain.

+ You are trying to crosspost to too many newsgroups and the final
remailer in your chain discarded the message. Send a blank email to
the remailer with 'remailer-conf' as the subject to determine how many
newsgroups the remailer allows you to cross-post to. Spammers abuse
the cross posting option so operators are cutting back to 3 or 4 cross
posts to deter the spammers.

+ You have too many addresses in the To, Cc, or Bcc headers and the
final remailer in your chain discarded the message.

+ You attempted to send an anonymous message to a nym that is
configured to either reject Bcc messages (directive +nobcc) or not
accept any mail at all.

+ Your e-mail recipient is filtering out messages from anonymous
remailers.

+ You are simply having a bad day. 'Better luck tomorrow!

RProcess, the author of JBN2 and the Reliable Remailer, has
systematically examined why so many anon messages seem to disappear.
His conclusions [http://www.bigfoot.com/~potatoware/PSKB-035.html] are
quite provocative.
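
The chaining steps in note 2, and the part 4 point that a message must be both encrypted and chained, as an added Python example that is not part of the original post or the FAQ. `seal`/`unseal` are base64 stand-ins for PGP encryption to a remailer's key (no real cryptography), and all function names are hypothetical; it shows which hop learns the next address and which hop can read the text.

```python
import base64

BEGIN, END = "-----BEGIN PGP MESSAGE-----", "-----END PGP MESSAGE-----"

def seal(text, key_owner):
    """Stand-in for PGP encryption to key_owner's key. NOT real cryptography."""
    blob = base64.b64encode(f"{key_owner}\n{text}".encode()).decode()
    return f"{BEGIN}\n\n{blob}\n{END}\n"

def unseal(armored, key_owner):
    """Stand-in for decryption: only the hop the layer was sealed to can open it."""
    blob = armored.split(BEGIN, 1)[1].split(END, 1)[0].strip()
    owner, text = base64.b64decode(blob).decode().split("\n", 1)
    if owner != key_owner:
        raise ValueError(f"layer is not encrypted to {key_owner}")
    return text

def build_chain(chain, recipient, subject, message):
    """Wrap innermost-first; returns (first hop address, body to mail to it)."""
    if not chain:
        raise ValueError("need at least one remailer")
    body = f"::\nAnon-To: {recipient}\n\n##\nSubject: {subject}\n\n{message}\n"
    for hop_addr in reversed(chain[1:]):  # Anon-To tells the previous hop where to forward
        body = f"::\nAnon-To: {hop_addr}\n\n::\nEncrypted: PGP\n\n{seal(body, hop_addr)}"
    return chain[0], f"::\nEncrypted: PGP\n\n{seal(body, chain[0])}"

def directives(text):
    """Split a leading '::' block into ({name: value}, remaining text)."""
    head, _, rest = text.partition("\n\n")
    if not head.startswith("::\n"):
        return {}, text
    pairs = (ln.split(":", 1) for ln in head.split("\n")[1:])
    return {k.strip().lower(): v.strip() for k, v in pairs}, rest

def process(me, body):
    """One remailer's job: open its own layer, read Anon-To, hand on the rest."""
    d, rest = directives(body)
    if d.get("encrypted", "").upper() == "PGP":
        d, rest = directives(unseal(rest, me))
    return d["anon-to"], rest

def trace(first_hop, body, message):
    """Return [(hop, next address, hop can read the message text)]."""
    log, here = [], first_hop
    while body.startswith("::"):
        nxt, body = process(here, body)
        log.append((here, nxt, message in body))
        here = nxt
    return log
```

With a two-hop chain the first remailer learns only the second remailer's address, and only the last hop sees the recipient and the text; with a single hop one operator sees everything.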

