[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Another pax-type remailer
Forwarded message:
> Date: Tue, 22 Dec 92 15:24:12 +0200
> From: [email protected]
> Message-Id: <[email protected]>
> To: [email protected]
> Subject: Anonymous help.
>
>
> The anon.penet.fi Anonymous Server
> ==================================
>
> Yes, another anonymous server. Why? Well, several well-known servers have
> bitten the dust recently. And most of them have served only a very limited
> subset of newsgroups, and mail only to "registered", anonymous users. One
> quite successful attempt at solving this problem was the server running at
> godiva.nectar.cs.cmu.edu, written and operated by Karl Kleinpaste
> <[email protected]>. Karl's software has been posted to alt.sources.
>
> Due to reasons too complicated to mention here I wanted to set up an
> anonymous server for the scandinavian user community. I contacted Karl, and
> got a pre-release copy of his software. As the version I got relied heavily
> on the advanced features of MMDFII, I had to modify it quite a bit. While
> hacking around, I removed the restriction of only supporting selected
> newsgroups. Within a week of startup, the server had been discovered by
> transatlantic users, and more recent stats show european users are definitely
> a minority.
>
> So what does the anon server really do? Well, it provides a front for
> sending mail messages and posting news items anonymously. As you send your
> very first message to the server, it automatically allocates you an id of
> the form anNNN, and sends you a message containing the allocated id. This id
> is used in all your subsequent anon posts/mails. Any mail messages sent to
> [email protected] gets redirected to your original, real address. Any
> reply is of course anonymized in the same way, so the server provides a
> double-blind. You will not know the true identity of any user, unless she
> chooses to reveal her identity explicitly.
>
> In the anonymization process all headers indicating the true originator are
> removed, and an attempt is made to remove any automatically-included
> signatures, by looking for a line starting with two dashes (--), and zapping
> everything from there on. But if your signature starts with anything else,
> it's your own responsibility to remove it from your messages.
>
> There are two basic ways to use the system. The easiest way is by sending a
> message to [email protected]:
>
> To: [email protected]
>
> To: [email protected]
>
> To: [email protected]
>
> Of course, in the case of mailing to a known user, you have to use addresses of
> the form user%[email protected], or the pretty obscure source addressing
> construct of @anon.penet.fi:[email protected]. These constructs are not
> necessarily handled properly by all mail systems, so I strongly recommend the
> "X-Anon-To:" approach in these cases. This works by you sending a message to
> "[email protected]", including a X-Anon-To: header line containing the desired
> recipient. But this really has to be a field in the message header, before the
> first empty line in the message. So:
>
> To: [email protected]
> X-Anon-To: alt.sex.needlework,rec.masturbation
>
> To: [email protected]
> X-Anon-To: [email protected]
>
> Valid recipients in both cases are fully qualified user addresses in RFC-822
> format ([email protected]), anon user id's (anNNN), newsgroup names
> (alt.sex.paperclips) or one of the "special" user names of ping, nick, help,
> admin and stat.
>
> Sending to "ping" causes a short reply to be sent confirming (and
> allocating, if needed) your anon id. "nick" takes the contents of the
> Subject: header and installs it as your nickname. If you have a nickname, it
> appears in the From: header in the anonymized message along with your anon
> id. "help" returns this text, and stat gives some statistics about the
> system. Mail to "anon" goes directly to me unanonymized, and can be used to
> report problems. If you want to send mail to me anonymously, you can use
> "an0".
>
> When crossposting to several newsgroups, you can list several newsgroups
> separated by commas (no whitespace) as recipients, but this only works using
> the X-Anon-To: header. References: headers do work, so they can (and should)
> be used to maintain reply threads.
>
> Ah yes, please remember that the posting takes place at my local site, so you
> can only post to groups that are received at penet.fi. I get all "worldwide"
> groups, but various exotic local groups don't make it here. I have gotten
> a couple of comments about permitting anonymous postings to technical groups.
> I can only answer that I believe very firmly that it's not for me to dictate
> how other people ought to behave. Somebody might have a valid reason for
> posting anonymously to a group I might consider "technical". But remember
> anonymous postings are a privilege, and use them accordingly. I believe adult
> human beings can behave responsibly. Please don't let me down.
>
> As the server was originally intended to be used by scandinavians, it
> includes support for various languages. The system makes an educated guess
> about your local language based on your top level domain. But it can
> misfire. Fortunately the server doesn't (yet) support urdu, swahili or
> basque... Ah, by the way, if you find it doesn't support your local
> language, and you want to volunteer to translate the message files, get in
> touch...
>
> The user-id database is based on RFC822-ized forms of your originating
> address. This may cause problems for some users, either because their site
> is not properly registered in the name servers, resulting in
> non-deterministic addresses, or because their mail router doesn't hide the
> identity of individual workstations, resulting in different originating
> addresses depending on which workstation you mail from. Talk to your
> administrator. If that doesn't help, let me know, and I will make a manual
> re-mapping.
>
> You might wonder about the sense of using a server out somewhere, as the
> song goes, "so close to Russia, so far from Japan". Well, the polar bears
> don't mind, and the ice on the cables don't bother too much :-)
> Well, in fact, as we live in a wonderfully networked world, the major delay
> is not going over the atlantic, but my local connection to the Finnish EUnet
> backbone, fuug.fi. Once you reach a well, connected host, such as
> uunet.uu.net, there's a direct SMTP connection to fuug.fi. My connection to
> fuug.fi is currently a polled connection over ISDN, soon to be upgraded to
> on-demand-SMTP/NNTP. But for now, expect a turn-around delay of 2-4 hours for
> trans-atlantic traffic.
>
> Oh yes, then there's the question of confidentiality/security. The service
> runs on one of the 386 boxes in my back room at home, and the machine is not
> directly accessible from the internet. So the only one who can get to the
> database is myself. Well, if the police or the local Secret Service comes
> knocking at my door, with a court order to hand over the database, I might
> comply. But then I might, of course, accidentally delete the file instead of
> copying it... And maybe possibly there could be cases where, if somebody could
> come up with really hard evidence of activities such as blackmail, I could be
> persuaded...
>
> Anyway, short of having everyone run a public-key cryptosystem such as PGP,
> there is no way to protect users from malicious administrators. You have to
> trust my personal integrity. Worse, you have to trust the administrators on
> every mail routing machine on the way, as the message only becomes anonymous
> once it reaches my machine. Malicious sysadmins and/or crackers could spy on
> SMTP mail channels, sendmail queues and mail logs. But as there are more
> than 350 messages being anonymized every day, you have to be pretty perverted
> to scan everything...
>
> Another thing is mail failures. I've had cases of mail routers doing the wrong
> thing with % addresses, "shortcutting" the path to the destination site.
> This could cause your mail to go to the final destination without ever
> touching my server (and thus without getting anonymized). This can be avoided
> by using the X-Anon-To: method.
>
> And if your return address bounces for some reason (nameservers down,
> temporary configuration failures etc.), the original sender and/or
> postmasters on the way might get error messages showing your true
> identity, and maybe even the full message.
>
> And crackers are just too clever. Undoubtedly somebody is going to come
> up with some novel method.... Not much I can do about that...
>
> If you intend to mail/post something that might cost you your job or
> marriage or inheritance, _please_ send a test message first. The software
> has been pretty well tested, but some mailers on the way (and out of my
> control) screw things up. And if you happen to find a problem, _please_ for
> the sake of all the other users, _let me know asap_.
>
> And _please_ use the appropriate test newsgroups, such as alt.test or
> misc.test. Yes, _you_ might get excited by reading 2000 "This is a test.."
> messages on alt.sex, but I warn you that most psychologists consider this
> rather aberrant...
>
> And remember this is a service that some people (in groups such as
> alt.sexual.abuse.recovery) _need_. Please don't do anything stupid that
> would force me to close down the service. As I am running my own company,
> there is very little political pressure anyone can put on me, but if
> somebody starts using the system for criminal activities, the authorities
> might be able to order me to shut down the service. I don't particularly
> want to find out, however...
>
> If you think these instructions are unclear and confusing, you are right. If
> you come up with suggestions for improving this text, please mail me! Remember
> English is my third language...
>
> Safe postings!
>
> Julf
>
> - - - ------------------------------------------------------------------- - - -
> Johan Helsingius Kuusikallionkuja 3 B 25 02210 Espoo Finland Yourp
> net: [email protected] bellophone: int. +358 0400 2605 fax: int. +358 013900166
>
--
Yanek Martinson mthvax.cs.miami.edu!safe0!yanek uunet!medexam!yanek
this address preferred -->> [email protected] <<-- this address preferred
Phone (305) 765-6300 daytime FAX: (305) 765-6708 1321 N 65 Way/Hollywood
(305) 963-1931 evenings (305) 981-9812 Florida, 33024-5819