Cutting down remailer abuse [ Was Re: An alternative ... ]

[Mike Fletcher <fletch@ain.bls.com>]

> One idea that came up a while back was a sort of limited tracking of mail
> -- an example would be keeping a hash of the email address where mail was
> received from for 48 hours, with the hash value being attached to the
> peice of mail as a header.
> 
> This would accomplish two things: We could source block an address without
> knowing the source; and if push came to shove an address could be
> backtracked to its original source, provided a complaint was made in time,
> and that the Bad Guy sent another mail from the same address. I think
> that legally there would be a good argument that the remailer ops had made
> a reasonable attempt and holding lawbreakers accountable, while still
> preserving the anonymity of non-abusers.

	This would have two problems (I think :):

1) How do you tell that the source address isn't a remailer?  If
things go to the disposeable remailer heads (Aren't those bad for the
environment or something? :), you might wind up blocking part of the
remailer chain.

2) Depending on the strength the hash function, there's a trail that
you submitted traffic into the remailer network for that 48 hours.
Not that sendmail/packet sniffing wouldn't show the same thing w/o IP
layer encryption . . . .

	Now if there was a DC net you could submit traffic/noise into
that would deliver into the remailer net . . . .

---
Fletch                                                     __`'/|
fletch@ain.bls.com  "Lisa, in this house we obey the       \ o.O'    ______
404 713-0414(w)      Laws of Thermodynamics!" H. Simpson   =(___)= -| Ack. |
404 315-7264(h) PGP Print: 8D8736A8FC59B2E6 8E675B341E378E43  U      ------