[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: remailer spam throttle

To: [email protected]
Subject: Re: remailer spam throttle
From: [email protected] (Dr.Dimitri Vulis KOTM)
Date: Sat, 29 Mar 97 14:47:28 EST
Comments: All power to the ZOG!
In-Reply-To: <[email protected]>
Organization: Brighton Beach Boardwalk BBS, Forest Hills, N.Y.
Sender: [email protected]

[email protected] writes:

> > > Well, they can compile the list of addresses off of USENET postings and
> > > such and then compute the hashes of the compiled names and identify
> > > those that are on the anon acceptance list. Not that it completely
> > > invalidates the idea, but certainly it is a problem.
>
> If a time delay isn`t a problem a remailer could operate on the list
> with a MAC, if someone wants to find out if a name is on the list
> they submit a request to the remailer operator who daily executes a
> batch job using a (memorised) key to verify the hashes against one
> another.
>
> Of course this gives no protection against the scenario of a law
> enforecement agency or shady TLA comprised of men in long black
> trenchcoats demanding the operator reveal the key to the MAC. I
> suppose there is always "I have forgotten the key, officer"..... ;-)

Yes. The remailer should contain as little "interesting" information
as possible at any given time, even if it's encrypted.

> > X sends 1000 copies of child porn/seditious libel to 100 people believed no
> > to be using remailers right now.  The remailer keeps the 100 e-mails onits
> > hard disk and e-mails each receipient a ping, inviting them to agree to the
> > disclaimer terms and to retrieve their anonymous e-mail.  The first recipie
> > to retrieve the e-mail gets upset and contacts the feds.  The feds figure,
> > remailer still has the 99 other e-mails and the information on who's suppos
> > to receive them in its queue; why not seize it and take a look.
>
> A possible solution to this is to set a time limit, say 24 hours on
> how long a proposed recipient may take to respond to a request for
> permission to send the mail. The remailer then sends the mail
> simultaneously to all those who agreed, those who declined to accept
> the mail or failed to repond are removed from the recipient list.

*If* the remailer keeps the e-mail until the recipient agrees to the
disclaimer and fetches it, then the timeout period should be longer
than 24 hours.  Not everyone checks their e-mail every 24 hours.
E.g., sometimes I'm away and don't check it for 3 or 4 days.
A friend of mine checks hers once or twice a week because she
doesn't get much.

Of course I'm advocating something more draconian - discard the
e-mail at once if the recipent isn't known and e-mail them how
they can get their mail next time.

---

<a href="mailto:[email protected]">Dr.Dimitri Vulis KOTM</a>
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps

Prev by Date: Re: remailer spam throttle
Next by Date: Re: remailer spam throttle
Prev by thread: Re: remailer spam throttle
Next by thread: Re: remailer spam throttle
Index(es):
- Date
- Thread