Contents of /trunk/Mix/README

Mixmaster version 3 -- anonymous remailer software -- (C) 1999 Anonymizer Inc.
------------------------------------------------------------------------------

PREVIEW VERSION  ---  WARNING: THIS SOFTWARE IS UNDER DEVELOPMENT!

This program consists of

* a remailer client:

  The remailer client supports sending anonymous mail using Cypherpunk
  and Mixmaster remailers. It supports OpenPGP encryption (compatible 
  with PGP 2, PGP 5 and up, and GnuPG).

  The client can be used with a menu-based user interface and with
  command line options.

* a remailer:

  The remailer supports the Cypherpunk and Mixmaster message formats.
  It can be integrated with the mail delivery system of Unix-based
  computers or use the POP3 and SMTP protocols for mail transfer.
  Mixmaster includes an automated abuse-handling system.

Please report any problems via the bug and patch trackers at
http://sourceforge.net/projects/mixmaster/


Installation:
------------

Libraries:

  Mixmaster requires the libraries OpenSSL, zlib, and pcre. 
  
  If you want to use the menu-based user interface, you also need the
  ncurses library. If these libraries are not installed on your
  system, you will need to obtain the latest versions from the
  sources below and extract them in the the Src/ directory first.

  OpenSSL is available from http://www.openssl.org/source/

  Ncurses can be obtained from http://ftp.gnu.org/pub/gnu/ncurses/

  The Perl Compatable Regular Expressions library can be obtained from
  ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/

  The zlib compression libraries can be obtained from
  http://www.gzip.org/zlib/

To install or upgrade Mixmaster, type `./Install'.

Mixmaster uses lists of currently operating remailers and information
about their reliability. You can get the current remailer lists from
http://stats.melontraffickers.com/ and http://anon.efga.org/ and via
finger from nym.alias.net:

  pubring.asc    Type 1 remailer keys
  pubring.mix    Type 2 remailer keys
  rlist.txt      List of reliable type 1 remailers
  mlist.txt      List of reliable type 2 remailers
  type2.list     List of known type 2 remailers (optional)

If you wish to participate in the Remailer Abuse Blocklist[1], you will need
to obtain the blocklist file from http://www.paracrypt.com/remailerabuse/
and place it in your Mix directory. This may be automated with cron.

For support for multiple RAB services, edit the file Src/config.h manually,
and add additional block files to the existing line, such as:

#define DESTBLOCK "dest.blk rab.blk rab2.blk rab3.blk"

Note that only the first file should the the local block list, as it is the
only file mix will open for writing. Most users will not need to edit
config.h.

[1] Update: As of the release of Mixmaster 3.0, the Paracrypt RAB site is 
defunct. This information has been left in the documentation should 
another service take its place.

Using the remailer client:
-------------------------

To use the menu-based user interface, simply run `mixmaster'. To send an
anonymous or pseudonymous reply to a message from within your mail or
news reader, you can pipe it to `mixmaster'.

The interactive mode supports sending mail and contains a simple
mail reading function. OpenPGP messages are encrypted and decrypted
automatically. 

In the non-interactive mode, Mixmaster reads a message from a file or
from its standard input. The command line options are described in the
manual page (mixmaster.1).


Mixmaster as a remailer:
-----------------------

The Mixmaster remailer can be installed on any account that can
receive mail. Non-remailer messages will be delivered as usual. If
you have root access, you may want to create a new user (e.g.,
`remailer') and install Mixmaster under that user id.

The Install script provides a simple way to set up the remailer. More
information about configuring Mixmaster can be found in the manual
page. Typically, incoming mail is piped to "mixmaster -RM". In a UUCP
setting, it may be useful to use just "mixmaster -R", and run 
"mixmaster -S" once all messages have arrived.

Announcing a new remailer to the public is most commonly done by posting
the remailer keys and capabilities to alt.privacy.anon-server as well as
the "remops" mailing list. Information about the remops list can be found
here: http://lexx.shinn.net/mailman/listinfo/remops


Installation problems:
---------------------

In case one of the libraries Mixmaster uses is installed incorrectly
on your system, place the library source code (available from
the locations listed above) in the Src directory, remove the old
Makefile, run the Install script again and answer `y' when asked
whether to use the source code.

The ncurses library can use termcap and terminfo databases. The
Mixmaster Install script tries to find out whether terminfo is
available. If you get a "Can't open display" error when starting
the Mixmaster menu, run "./configure --enable-termcap; make lib/libncurses.a"
in the ncurses directory.


Security notes:
--------------

The ciphers and the anonymizing mix-net protocol used in Mixmaster
correspond to the state of the art (see the Security Considerations
section of the Mixmaster Protocol specification for details). However,
no security proofs exist for any practical cryptosystem. It is
unlikely that their security will be broken, but there is no "perfect
security". Software can also contain implementation errors. The
complete Mixmaster source code is available for public review, so that
everyone can verify what the program does, and it is unlikely that
security related errors or secret back doors in the software would go
unnoticed.

No software is secure if run in an insecure environment. For that
reason you must make sure that there is no malicious software (such as
viruses) running on your computer. Deleted files and even passphrases
can in many cases be read from the hard disk if an adversary has
access to the computer. The use of disk encryption programs is
recommended to avoid this risk.

Anonymous messages are secure as long as at least one of the remailers
you use in a chain is honest. You can use up to 20 remailers in a
chain, but reliability and speed decrease with longer chains. Four is
a reasonable number of remailers to use. Many remailer operators sign
their keys. You should verify those signatures with OpenPGP to make
sure that you have the actual remailer keys.

Anonymous keys usually cannot be introduced to the OpenPGP web of
trust without giving up anonymity. For that reason, this client will
use any OpenPGP key found on the key ring, whether it is certified or
not. Your key ring must not contain any invalid keys when used with
this program.

If you want to use a pseudonym, the client will ask you for a
passphrase to protect the nym database. Your passphrase should be
long, and hard to guess. Anyone who gets hold of your nym database and
private keys and can determine the passphrase will be able to
compromise your pseudonymous identities. Note that some operating
systems may store your passphrase on your hard disk in clear.

While a good client passphrase can protect your keys if someone gets
hold of your files, the remailer passphrase offers only casual
protection for the remailer keys. If you install a remailer, the
remailer passphrase must be different from your private passphrases.


Copyright:
---------

Mixmaster may be redistributed and modified under certain conditions.
This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF
ANY KIND, either express or implied. See the file COPYRIGHT for
details.

A license is required to use the IDEA(TM) algorithm for commercial
purposes; see the file idea.txt for details.

Mixmaster uses the compression library zlib by Jean-loup Gailly and Mark
Adler, the free ncurses library and the regex library by Philip Hazel.
This product includes cryptographic software written by Eric Young
(eay@cryptsoft.com). This product includes software developed by the
OpenSSL Project for use in the OpenSSL Toolkit (http://www.OpenSSL.org/).
For some platforms: This product includes software developed by the
University of California, Berkeley and its contributors.

All trademarks are the property of their respective owners.

$Id$
1	rabbi	1	Mixmaster version 3 -- anonymous remailer software -- (C) 1999 Anonymizer Inc.
2			------------------------------------------------------------------------------
3
4			PREVIEW VERSION --- WARNING: THIS SOFTWARE IS UNDER DEVELOPMENT!
5
6			This program consists of
7
8			* a remailer client:
9
10			The remailer client supports sending anonymous mail using Cypherpunk
11	rabbi	686	and Mixmaster remailers. It supports OpenPGP encryption (compatible
12			with PGP 2, PGP 5 and up, and GnuPG).
13	rabbi	1
14			The client can be used with a menu-based user interface and with
15			command line options.
16
17			* a remailer:
18
19			The remailer supports the Cypherpunk and Mixmaster message formats.
20			It can be integrated with the mail delivery system of Unix-based
21			computers or use the POP3 and SMTP protocols for mail transfer.
22			Mixmaster includes an automated abuse-handling system.
23
24	rabbi	10	Please report any problems via the bug and patch trackers at
25			http://sourceforge.net/projects/mixmaster/
26	rabbi	1
27
28			Installation:
29			------------
30
31			Libraries:
32
33	rabbi	686	Mixmaster requires the libraries OpenSSL, zlib, and pcre.
34
35			If you want to use the menu-based user interface, you also need the
36			ncurses library. If these libraries are not installed on your
37			system, you will need to obtain the latest versions from the
38			sources below and extract them in the the Src/ directory first.
39	rabbi	1
40	rabbi	686	OpenSSL is available from http://www.openssl.org/source/
41
42			Ncurses can be obtained from http://ftp.gnu.org/pub/gnu/ncurses/
43
44	rabbi	1	The Perl Compatable Regular Expressions library can be obtained from
45			ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/
46
47	rabbi	686	The zlib compression libraries can be obtained from
48	rabbi	126	http://www.gzip.org/zlib/
49	rabbi	1
50			To install or upgrade Mixmaster, type `./Install'.
51
52			Mixmaster uses lists of currently operating remailers and information
53			about their reliability. You can get the current remailer lists from
54	rabbi	126	http://stats.melontraffickers.com/ and http://anon.efga.org/ and via
55	rabbi	16	finger from nym.alias.net:
56	rabbi	1
57			pubring.asc Type 1 remailer keys
58			pubring.mix Type 2 remailer keys
59			rlist.txt List of reliable type 1 remailers
60			mlist.txt List of reliable type 2 remailers
61			type2.list List of known type 2 remailers (optional)
62
63	rabbi	686	If you wish to participate in the Remailer Abuse Blocklist[1], you will need
64	weaselp	341	to obtain the blocklist file from http://www.paracrypt.com/remailerabuse/
65	rabbi	1	and place it in your Mix directory. This may be automated with cron.
66
67			For support for multiple RAB services, edit the file Src/config.h manually,
68			and add additional block files to the existing line, such as:
69
70			#define DESTBLOCK "dest.blk rab.blk rab2.blk rab3.blk"
71
72			Note that only the first file should the the local block list, as it is the
73	weaselp	341	only file mix will open for writing. Most users will not need to edit
74	rabbi	1	config.h.
75
76	rabbi	686	[1] Update: As of the release of Mixmaster 3.0, the Paracrypt RAB site is
77			defunct. This information has been left in the documentation should
78			another service take its place.
79	rabbi	1
80			Using the remailer client:
81			-------------------------
82
83	rabbi	686	To use the menu-based user interface, simply run `mixmaster'. To send an
84	rabbi	1	anonymous or pseudonymous reply to a message from within your mail or
85	rabbi	686	news reader, you can pipe it to `mixmaster'.
86	rabbi	1
87	rabbi	686	The interactive mode supports sending mail and contains a simple
88			mail reading function. OpenPGP messages are encrypted and decrypted
89			automatically.
90	rabbi	1
91			In the non-interactive mode, Mixmaster reads a message from a file or
92			from its standard input. The command line options are described in the
93	rabbi	686	manual page (mixmaster.1).
94	rabbi	1
95
96			Mixmaster as a remailer:
97			-----------------------
98
99			The Mixmaster remailer can be installed on any account that can
100			receive mail. Non-remailer messages will be delivered as usual. If
101			you have root access, you may want to create a new user (e.g.,
102			`remailer') and install Mixmaster under that user id.
103
104			The Install script provides a simple way to set up the remailer. More
105			information about configuring Mixmaster can be found in the manual
106	rabbi	686	page. Typically, incoming mail is piped to "mixmaster -RM". In a UUCP
107			setting, it may be useful to use just "mixmaster -R", and run
108			"mixmaster -S" once all messages have arrived.
109	rabbi	1
110	rabbi	133	Announcing a new remailer to the public is most commonly done by posting
111			the remailer keys and capabilities to alt.privacy.anon-server as well as
112			the "remops" mailing list. Information about the remops list can be found
113			here: http://lexx.shinn.net/mailman/listinfo/remops
114
115	rabbi	1
116			Installation problems:
117			---------------------
118
119			In case one of the libraries Mixmaster uses is installed incorrectly
120			on your system, place the library source code (available from
121	rabbi	686	the locations listed above) in the Src directory, remove the old
122	rabbi	1	Makefile, run the Install script again and answer `y' when asked
123			whether to use the source code.
124
125			The ncurses library can use termcap and terminfo databases. The
126			Mixmaster Install script tries to find out whether terminfo is
127			available. If you get a "Can't open display" error when starting
128	weaselp	341	the Mixmaster menu, run "./configure --enable-termcap; make lib/libncurses.a"
129	rabbi	1	in the ncurses directory.
130
131
132			Security notes:
133			--------------
134
135			The ciphers and the anonymizing mix-net protocol used in Mixmaster
136			correspond to the state of the art (see the Security Considerations
137			section of the Mixmaster Protocol specification for details). However,
138			no security proofs exist for any practical cryptosystem. It is
139			unlikely that their security will be broken, but there is no "perfect
140			security". Software can also contain implementation errors. The
141			complete Mixmaster source code is available for public review, so that
142			everyone can verify what the program does, and it is unlikely that
143			security related errors or secret back doors in the software would go
144			unnoticed.
145
146			No software is secure if run in an insecure environment. For that
147			reason you must make sure that there is no malicious software (such as
148			viruses) running on your computer. Deleted files and even passphrases
149			can in many cases be read from the hard disk if an adversary has
150			access to the computer. The use of disk encryption programs is
151			recommended to avoid this risk.
152
153			Anonymous messages are secure as long as at least one of the remailers
154			you use in a chain is honest. You can use up to 20 remailers in a
155			chain, but reliability and speed decrease with longer chains. Four is
156			a reasonable number of remailers to use. Many remailer operators sign
157			their keys. You should verify those signatures with OpenPGP to make
158			sure that you have the actual remailer keys.
159
160			Anonymous keys usually cannot be introduced to the OpenPGP web of
161			trust without giving up anonymity. For that reason, this client will
162			use any OpenPGP key found on the key ring, whether it is certified or
163			not. Your key ring must not contain any invalid keys when used with
164			this program.
165
166			If you want to use a pseudonym, the client will ask you for a
167			passphrase to protect the nym database. Your passphrase should be
168			long, and hard to guess. Anyone who gets hold of your nym database and
169			private keys and can determine the passphrase will be able to
170			compromise your pseudonymous identities. Note that some operating
171			systems may store your passphrase on your hard disk in clear.
172
173			While a good client passphrase can protect your keys if someone gets
174			hold of your files, the remailer passphrase offers only casual
175			protection for the remailer keys. If you install a remailer, the
176			remailer passphrase must be different from your private passphrases.
177
178
179			Copyright:
180			---------
181
182			Mixmaster may be redistributed and modified under certain conditions.
183			This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF
184			ANY KIND, either express or implied. See the file COPYRIGHT for
185			details.
186
187			A license is required to use the IDEA(TM) algorithm for commercial
188			purposes; see the file idea.txt for details.
189
190			Mixmaster uses the compression library zlib by Jean-loup Gailly and Mark
191			Adler, the free ncurses library and the regex library by Philip Hazel.
192			This product includes cryptographic software written by Eric Young
193			(eay@cryptsoft.com). This product includes software developed by the
194			OpenSSL Project for use in the OpenSSL Toolkit (http://www.OpenSSL.org/).
195			For some platforms: This product includes software developed by the
196			University of California, Berkeley and its contributors.
197
198			All trademarks are the property of their respective owners.
199
200	weasel	647	$Id$