| 1 |
The remailer accepts PGP-encrypted messages. You can get the public |
You can use PGP to encrypt messages sent to this remailer if you for |
| 2 |
PGP key by sending mail with Subject: remailer-key to |
some reason are unable to use the Mixmaster client software. However, |
| 3 |
<%RMA>. |
while PGP will securely encrypt the content of a message that you are |
| 4 |
|
sending to the remailer, submitting messages to the remailer that are |
| 5 |
If you want to send an anonymous message, first create a file with two |
merely PGP encrypted without the use of the Mixmaster client software |
| 6 |
colons in the first line of your message, and the line "Anon-To: |
greatly increases the risk of third parties being able to determine the |
| 7 |
address" in the following line. Follow that with a blank line and |
identity of the sender (you). |
| 8 |
begin your message. For example: |
|
| 9 |
|
This remailer primarily supports the ability to submit messages for |
| 10 |
|
remailing without requiring the Mixmaster client software for backwards |
| 11 |
|
compatibility with older remailer client software. |
| 12 |
|
|
| 13 |
|
If you are able to use the Mixmaster software with your operating system |
| 14 |
|
(chances are you can), it is highly recommended that you use the |
| 15 |
|
Mixmaster client software instead. See the earlier section in this help |
| 16 |
|
file on how to obtain a copy of the Mixmaster client software. |
| 17 |
|
|
| 18 |
|
If you cannot use the Mixmaster software, want to use an anonymous |
| 19 |
|
remailer, and are willing to accept reduced security, you can do the |
| 20 |
|
following: |
| 21 |
|
|
| 22 |
|
Send email with Subject: remailer-key to <%RMA> to obtain a copy of the |
| 23 |
|
remailer's PGP key. |
| 24 |
|
|
| 25 |
|
Then do the following: |
| 26 |
|
|
| 27 |
|
1) create a file containing your message |
| 28 |
|
2) insert a BLANK LINE as the first line of the file |
| 29 |
|
3) Insert a "::" as the second line of the file |
| 30 |
|
4) Insert "Anon-To: final_recipient@destination_domain.com" as the |
| 31 |
|
third line of the file. |
| 32 |
|
|
| 33 |
|
At this time, the file should look as follows: |
| 34 |
|
|
| 35 |
================================================================== |
================================================================== |
| 36 |
|
|
| 37 |
:: |
:: |
| 38 |
Anon-To: beth@example.org |
Anon-To: final_recipient@destination_domain.com |
| 39 |
|
|
| 40 |
This is some anonymous mail. |
This is some anonymized email. |
| 41 |
================================================================== |
================================================================== |
| 42 |
|
|
| 43 |
Then, encrypt it with the PGP key of this remailer. Finally, send |
5) Now encrypt the file with the PGP key of this remailer. |
| 44 |
<%RMA> a message that begins with two colons |
|
| 45 |
and the line "Encrypted: PGP", followed by your encrypted message: |
Finally, email the encrypted file to <%RMA> as shown in the example |
| 46 |
|
below. |
| 47 |
|
|
| 48 |
|
The line "Encrypted: PGP" instructs the remailer to decrypt the message |
| 49 |
|
and process its contents. |
| 50 |
|
|
| 51 |
================================================================== |
================================================================== |
| 52 |
From: joe@test.com |
From: remailer_user@sender_domain.com |
| 53 |
To: %RMA |
To: %RMA |
| 54 |
|
Subject: anonymous message |
| 55 |
|
|
| 56 |
:: |
:: |
| 57 |
Encrypted: PGP |
Encrypted: PGP |
| 61 |
|
|
| 62 |
owE1jMsNwjAUBH3gZMk9PClnUoBPUANpwElW2OBPZD8H0gd1UCP2gduuNDNfIcSH |
owE1jMsNwjAUBH3gZMk9PClnUoBPUANpwElW2OBPZD8H0gd1UCP2gduuNDNfIcSH |
| 63 |
T4zCbQmtlbzGFM9T0jSD7QVvEzaPcUlBSSWHQclbnR9YWJNp5BFSLdR9CijF3NGx |
T4zCbQmtlbzGFM9T0jSD7QVvEzaPcUlBSSWHQclbnR9YWJNp5BFSLdR9CijF3NGx |
| 64 |
ybry/1Rsqn4la3a0JiIhLvnYGCu9HFtiC8oIxnlkeuIYe+EH |
ybry/1Rsqn4la3a0JiIhLvnYGCu9HFtiC8oIxnlkeuIYe+EH =HgDq |
|
=HgDq |
|
| 65 |
-----END PGP MESSAGE----- |
-----END PGP MESSAGE----- |
| 66 |
================================================================== |
================================================================== |
| 67 |
|
|
| 68 |
The remailer will decrypt the message and forward it anonymously. The |
Even though PGP encryption in itself is very secure, not using the |
| 69 |
following e-mail would be delivered to <beth@example.org>: |
Mixmaster client exposes some information to parties desiring to |
| 70 |
|
compromise your privacy. This information leakage permits what is known |
| 71 |
================================================================== |
as "traffic analysis". For example, if someone receives anonymous |
| 72 |
From: %RMN <%RAA> |
messages soon after you sent encrypted messages to a remailer it is |
| 73 |
Comments: This message did not originate from the Sender address above. |
likely that you are the sender of those messages. |
| 74 |
It was remailed automatically by anonymizing remailer software. |
|
| 75 |
Please report problems or inappropriate use to the |
To partially compensate for this information leak, you can instruct the |
| 76 |
remailer administrator at <%CA>. |
remailer to delay your messages for some time or send the remailer empty |
| 77 |
To: beth@example.org |
messages to make such analysis harder: |
|
|
|
|
This is some anonymous mail. |
|
|
================================================================== |
|
| 78 |
|
|
| 79 |
|
If you use the line "Null:" instead of "Anon-To:", the remailer will |
| 80 |
|
simply discard your message. |
| 81 |
|
|
| 82 |
You will often want to include a Subject or other header lines in your |
You can add a "Latent-Time:" header to the remailer to retain your |
| 83 |
anonymous mail. You can insert header lines in the anonymous message |
message for some time before forwarding it. "Latent-Time: +2:00" would |
| 84 |
by preceding them with a "##" line in the unencrypted file: |
delay the message for two hours. You can use a random delay by adding |
| 85 |
|
"r", for example "Latent-Time: +5:00r" would delay the message for up to |
| 86 |
|
five hours. For example: |
| 87 |
|
|
| 88 |
================================================================== |
================================================================== |
| 89 |
|
|
| 90 |
:: |
:: |
| 91 |
Anon-To: jim@example.org |
Anon-To: final_recipient@destination_domain.com |
| 92 |
|
Latent-Time: +2:00 |
| 93 |
|
|
| 94 |
## |
This is some anonymized email. |
| 95 |
Subject: Re: Twofish |
================================================================== |
|
In-Reply-To: Your message of "Tue, 12 Jan 1999 22:47:04 EST." |
|
|
<199901130247.WAA02761@example.com> |
|
|
|
|
|
This reply is anonymous. |
|
|
================================================================== |
|
|
|
|
|
Even though PGP encryption is very secure, this still leaves some |
|
|
information open to attackers. For example, if someone gets an |
|
|
anonymous message whenever you have sent an encrypted message to a |
|
|
remailer, it is likely that you are the sender of those messages. |
|
|
You can instruct the remailer to delay your messages for some time |
|
|
or send it empty messages to make such analysis harder: |
|
| 96 |
|
|
|
If you use the line "Null:" instead of "Anon-To:", the remailer will |
|
|
discard your message. The "Latent-Time:" header causes the remailer |
|
|
to keep your message for some time before forwarding it. |
|
|
"Latent-Time: +2:00" would delay the message for two hours. You |
|
|
can use a random delay by adding "r", for example |
|
|
"Latent-Time: +5:00r" would delay the message for up to five hours. |
|
| 97 |
|
|
| 98 |
You can, of course, use another remailer to send the message to |
You can chain remailers by using another remailer to send the message to |
| 99 |
<%RMA> anonymously. For example, take the message |
<%RMA> anonymously. For example, take the message |
| 100 |
|
|
| 101 |
================================================================== |
================================================================== |
| 102 |
|
|
| 103 |
:: |
:: |
| 104 |
Anon-To: %RMA |
Anon-To: %RMA |
| 105 |
|
|
| 111 |
|
|
| 112 |
owE1jMsNwjAUBH3gZMk9PClnUoBPUANpwElW2OBPZD8H0gd1UCP2gduuNDNfIcSH |
owE1jMsNwjAUBH3gZMk9PClnUoBPUANpwElW2OBPZD8H0gd1UCP2gduuNDNfIcSH |
| 113 |
T4zCbQmtlbzGFM9T0jSD7QVvEzaPcUlBSSWHQclbnR9YWJNp5BFSLdR9CijF3NGx |
T4zCbQmtlbzGFM9T0jSD7QVvEzaPcUlBSSWHQclbnR9YWJNp5BFSLdR9CijF3NGx |
| 114 |
ybry/1Rsqn4la3a0JiIhLvnYGCu9HFtiC8oIxnlkeuIYe+EH |
ybry/1Rsqn4la3a0JiIhLvnYGCu9HFtiC8oIxnlkeuIYe+EH =HgDq |
|
=HgDq |
|
| 115 |
-----END PGP MESSAGE----- |
-----END PGP MESSAGE----- |
| 116 |
================================================================== |
================================================================== |
| 117 |
|
|
| 118 |
encrypt it with the PGP key of the Replay remailer and send the |
Next, encrypt the message with the PGP key of the <%RMN> and send the |
| 119 |
double-encrypted message to <remailer@replay.com>. |
twice-encrypted message to <%RMA>. Similar to a Russian doll, containing |
| 120 |
|
increasingly smaller dolls inside the each outer doll, you can layer |
| 121 |
|
multiple encryption layers and remailer hops around your message. If |
| 122 |
|
this sounds confusing, just use the Mixmaster client software instead. |
| 123 |
|
|
| 124 |
If you send your messages through a chain of several independent |
If you send your messages through a chain of several independent |
| 125 |
remailers, it will be hard to trace the anonymous message back to |
remailers, it will be become increasingly difficult, though not |
| 126 |
you. A much more secure solution, however, is to use Mixmaster for |
necessarily impossible, to trace the anonymous message back to you. A |
| 127 |
sending anonymous mail. |
vastly more secure solution is to use the Mixmaster client software to |
| 128 |
|
send your anonymous mail. |
| 129 |
PGP encryption can also be used to receive mail at an anonymous |
|
| 130 |
address. Please see <http://www.publius.net/n.a.n.html>, the home page |
Some remailers supporting PGP encrypted messages offer pseudonymous |
| 131 |
of the nym.alias.net pseudonym server, for more information. |
"nym" service that allow you to not only send emails privately, but also |
| 132 |
|
receive emails without enabling the sender to determine your recipient |
| 133 |
|
destination email address. For more information about such nym services, |
| 134 |
|
see the following URL's. |
| 135 |
|
|
| 136 |
|
http://lexx.shinn.net/nym/ |
| 137 |
|
|
| 138 |
|
http://riot.eu.org/anon/nym.html |
| 139 |
|
|
| 140 |
|
***** |
Parent Directory
| 
Revision Log
| 
Patch