[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: remailer spam throttle



> > That's a good idea, but it'll take up a lot of disk space at the
> > machine running the remailer.  Right now, remailers that provide
> > latency don't keep an e-mail for more than about 12 hours. Once
> > you start keeping them around for a few days (a reasonable grace
> > period for a first-time user), it's a lot more disk space.
>
> 	How 'bout this:
>
> 	There is (as we all know) a newsgroup for anonymous messages, Simply
> encrypt the message with one half of a public key pair, and send the other
> to the individual with a message saying that there is a message waiting
> for you on alt.anonymous.messages with a subject of ^CHojnafy&Ys9. This is
> the key to decrypt the first level. If you do not have access to usenet,
> you can get the message from www.dejanews.com &etc.

I don't like this for only one reason: you'll be wasting disk
space at thousands of usenet sites. I happen to think that alt.anonymous.
messages is a really wasteful communications channel. If it were used for
all the traffic now caried by the remailers, many syadmins would stop
carrying it (a lot of useless traffic). I would have if I had carried it. :-)

Also it's not fair to assume that everyone with access to e-mail can
also get web or usenet. One example that's still fairly common in a
user on a corporate computer behind a firewall.

> 	The encryption by the endpoint remailer is not intended to
> supply complete privacy, but rather to provide an additional level of
> protection for those who don't encrypt to begin with.

If the key is generated by the remailer, then a LEA might go on a fishing
expedition trying to figure how the key was generated and whether they can
generate the same key again. It's safer not to generate random keys.

> 	This has the benefit of (1) not dumping the email into a persons
> mail box, so they don't get "spam" they don't want. (2) getting possibly
> illegal material off the remailer machine as quickly as possible (well,
> off the remailer portion anyway, if the news spool is on the same machine,
> that is a different legal battle) and (3) disassocating the sender and
> receiver a little more.

These are all good things; I just wish they could be accomplished in a less
wasteful manner.  To replicate a file at thousands of usenet servers which
can only be decrypted by one person is, in my opinion, selfish net-abuse.

---

<a href="mailto:[email protected]">Dr.Dimitri Vulis KOTM</a>
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps