[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: usenet-to-mail,ftp-to-mail,xxxx-to-mail



On Sat, 19 Nov 1994, Jonathan Rochkind wrote:

> "Robert A. Hayden" <[email protected]> wrote:
> >More importantly, are there are usenet-to-mail gateways?
> 
[good stuph left out here..]
> 
> Would there by any benefit to doing this at all over the present system?
> Why would someone submit a message to the remailer "bramble" via newsgroup
> instead of just mailing it?  Unless you find an anonymous way to post to
> the newsgroup in the first place, your security seems to be seriously
> compromised. Even if everything is encrypted, you've made traffic analysis
> a huge amount easier.  And if you are finding a way to post the a newsgroup
> anonymously in the first place, odds are you have some other entry point to
> the remailer bramble, so why make a stop on the newsgroup opening yourself
> up to traffic analysis?

For a long time I've wanted to set up a remailer that instead of just 
re-mailing the input mail would telnet to port 25 on a specified machine 
and spoof the headers exactly like you tell it to, or that would anon-ftp 
upload the "mail" message to a specified site, or that would continualy 
check a local (or remote) ftp directory for filenames that match a 
certain wildcard, processing them as inbound mail... I can think of a 
couple of situations under which having a mailer pick up off a newsgroup 
would be very usefull... send a pgp encrypted, nested message through a 
chain of four remailers... one is a standard-ish remailer which peels off 
the first layer of encryption and posts your message to a certain 
newsgroup. The second one, whos address remains a mystery, spoofs or 
remails the message it found in the newsgroup to a different newsgroup, 
where it is again picked up and decrypted by the third remailer, which 
uploads it to an ftp site watched by the fourth, again anonymous 
remailer, who picks it up and remails it to the recipient. It may all be 
an excercise in futility, I'm not an expert on that kinda thing, but it 
sure /seems/ more secure to me...

Happy Hunting, -Chris.

______________________________________________________________________________
Christian Douglas Odhner     | "The NSA can have my secret key when they pry
[email protected]	     | it from my cold, dead, hands... But they shall
pgp 2.3 public key by finger | NEVER have the password it's encrypted with!"
cypherpunks         WOw            dCD           Traskcom          Team Stupid
  Key fingerprint =  58 62 A2 84 FD 4F 56 38  82 69 6F 08 E4 F1 79 11 
------------------------------------------------------------------------------