1. Forum
  2. USENET
  3. alt.free.newsservers

  • anonymous remailer - wikipedia

    From nobody@nobody@yamn.paranoici.org to alt.free.newsservers on Fri Jul 4 02:27:50 2025
    From Newsgroup: alt.free.newsservers


    "this page was last edited on 30 June 2025" . . .

    (using Tor Browser 14.5.4)
    https://en.wikipedia.org/wiki/Anonymous_remailer
    Anonymous remailer
    An anonymous remailer is a server that receives messages with embedded >instructions on where to send them next, and that forwards them without revealing
    where they originally came from. There are cypherpunk anonymous remailers, >mixmaster anonymous remailers, and nym servers, among others, which differ in how
    they work, in the policies they adopt, and in the type of attack on the anonymity
    of e-mail they can (or are intended to) resist. Remailing as discussed in this >article applies to e-mails intended for particular recipients, not the general >public. Anonymity in the latter case is more easily addressed by using any of >several methods of anonymous publication.
    Types of remailer
    There are several strategies that affect the anonymity of the handled e-mail. In
    general, different classes of anonymous remailers differ with regard to the >choices their designers/operators have made. These choices can be influenced by
    the legal ramifications of operating specific types of remailers.[1]
    It must be understood that every data packet traveling on the Internet contains
    the node addresses (as raw IP bit strings) of both the sending and intended >recipient nodes, and so no data packet can ever actually be anonymous at this >level [citation needed]. In addition, all standards-based e-mail messages contain
    defined fields in their headers in which the source and transmitting entities >(and Internet nodes as well) are required to be included.
    Some remailers change both types of address in messages they forward, and the >list of forwarding nodes in e-mail messages as well, as the message passes >through; in effect, they substitute 'fake source addresses' for the originals. >The 'IP source address' for that packet may become that of the remailer server >itself, and within an e-mail message (which is usually several packets), a >nominal 'user' on that server. Some remailers forward their anonymized e-mail to
    still other remailers, and only after several such hops is the e-mail actually >delivered to the intended address.
    There are, more or less, four types of remailers:
    Pseudonymous remailers
    A pseudonymous remailer simply takes away the e-mail address of the sender, >gives a pseudonym to the sender, and sends the message to the intended recipient
    (that can be answered via that remailer).[2]
    Cypherpunk remailers, also called Type I
    A Cypherpunk remailer sends the message to the recipient, stripping away the >sender address on it. One can not answer a message sent via a Cypherpunk >remailer. The message sent to the remailer can usually be encrypted, and the >remailer will decrypt it and send it to the recipient address hidden inside the
    encrypted message. In addition, it is possible to chain two or three remailers,
    so that each remailer can't know who is sending a message to whom. Cypherpunk >remailers do not keep logs of transactions.
    Mixmaster remailers, also called Type II
    In Mixmaster, the user composes an email to a remailer, which is relayed through
    each node in the network using SMTP, until it finally arrives at the final >recipient. Mixmaster can only send emails one way. An email is sent anonymously
    to an individual, but for them to be able to respond, a reply address must be >included in the body of the email. Also, Mixmaster remailers require the use of a
    computer program to write messages. Such programs are not supplied as a standard
    part of most operating systems or mail management systems.
    Mixminion remailers, also called Type III
    A Mixminion remailer attempts to address the following challenges in Mixmaster >remailers: replies, forward anonymity, replay prevention and key rotation, exit
    policies, integrated directory servers and dummy traffic. They are currently >available for the Linux and Windows platforms. Some implementations are open >source.
    Traceable remailers
    Some remailers establish an internal list of actual senders and invented names >such that a recipient can send mail to invented name AT some-remailer.example. >When receiving traffic addressed to this user, the server software consults that
    list, and forwards the mail to the original sender, thus permitting >anonymousuthough traceable with access to the listutwo-way communication. The >famous "penet.fi" remailer in Finland did just that for several years.[3] Because
    of the existence of such lists in this type of remailing server, it is possible
    to break the anonymity by gaining access to the list(s), by breaking into the >computer, asking a court (or merely the police in some places) to order that the
    anonymity be broken, and/or bribing an attendant. This happened to penet.fi as a
    result of some traffic passed through it about Scientology.[citation needed] The
    Church claimed copyright infringement and sued penet.fi's operator. A court >ordered the list be made available. Penet's operator shut it down after >destroying its records (including the list) to retain identity confidentiality >for its users; though not before being forced to supply the court with the real e-
    mail addresses of two of its users.[citation needed]
    More recent remailer designs use cryptography in an attempt to provide more or >less the same service, but without so much risk of loss of user confidentiality.
    These are generally termed nym servers or pseudonymous remailers. The degree to
    which they remain vulnerable to forced disclosure (by courts or police) is and >will remain unclear since new statutes/regulations and new cryptanalytic >developments proceed apace. Multiple anonymous forwarding among cooperating >remailers in different jurisdictions may retain, but cannot guarantee, anonymity
    against a determined attempt by one or more governments, or civil litigators. >Untraceable remailers
    If users accept the loss of two-way interaction, identity anonymity can be made
    more secure.
    By not keeping any list of users and corresponding anonymizing labels for them,
    a remailer can ensure that any message that has been forwarded leaves no internal
    information behind that can later be used to break identity confidentiality. >However, while being handled, messages remain vulnerable within the server (e.g.,
    to Trojan software in a compromised server, to a compromised server operator, or
    to mis-administration of the server), and traffic analysis comparison of traffic
    into and out of such a server can suggest quite a lotufar more than almost any >would credit.
    The Mixmaster strategy is designed to defeat such attacks, or at least to >increase their cost (i.e., to 'attackers') beyond feasibility. If every message
    is passed through several servers (ideally in different legal and political >jurisdictions), then attacks based on legal systems become considerably more >difficult, if only because of 'Clausewitzian' friction among lawyers, courts, >different statutes, organizational rivalries, legal systems, etc. And, since many
    different servers and server operators are involved, subversion of any (i.e., of
    either system or operator) becomes less effective also since no one (most likely)
    will be able to subvert the entire chain of remailers.
    Random padding of messages, random delays before forwarding, and encryption of >forwarding information between forwarding remailers, increases the degree of >difficulty for attackers still further as message size and timing can be largely
    eliminated as traffic analysis clues, and lack of easily readable forwarding >information renders ineffective simple automated traffic analysis algorithms. >Modern Tor-Based Alternatives. With the decline of classical remailers (e.g., >Mixmaster) due to vulnerabilities to traffic correlation[4], some users have >migrated to Tor-integrated remailers like Onion Courier[5]. These systems >leverage Tor hidden services to resist metadata surveillance, addressing key >weaknesses of older designs[6].
    Web-based mailer
    There are also web services that allow users to send anonymous email messages. >These services do not provide the anonymity of real remailers, but they are >easier to use. When using a web-based anonymous email or anonymous remailer >service, its reputation should first be analyzed, since the service stands >between senders and recipients. Some of the aforementioned web services log the
    users IP addresses to ensure they do not break the law; others offer superior >anonymity with attachment functionality by choosing to trust that the users will
    not breach the websites terms of service (ToS).[7]
    Remailer statistics
    In most cases, remailers are owned and operated by individuals, and are not as >stable as they might ideally be. In fact, remailers can, and have, gone down >without warning. It is important to use up-to-date statistics when choosing >remailers.
    Remailer abuse and blocking by governments
    Although most re-mailer systems are used responsibly, the anonymity they provide
    can be exploited by entities or individuals whose reasons for anonymity are not
    necessarily benign.[8]
    Such reasons could include support for violent extremist actions,[citation >needed] sexual exploitation of children [citation needed] or more commonly to >frustrate accountability for 'trolling' and harassment of targeted individuals,
    or companies (The Dizum.com re-mailer chain being abused as recently as May >2013[citation needed] for this purpose.)
    The response of some re-mailers to this abuse potential is often to disclaim >responsibility (as dizum.com does[9]), as owing to the technical design (and >ethical principles) of many systems, it is impossible for the operators to >physically unmask those using their systems. Some re-mailer systems go further >and claim that it would be illegal for them to monitor for certain types abuse >at all.[9]
    Until technical changes were made in the remailers concerned in the mid-2000s, >some re-mailers (notably nym.alias.net based systems) were seemingly willing to
    use any genuine (and thus valid) but otherwise forged address. This loophole >allowed trolls to mis-attribute controversial claims or statements with the aim
    of causing offence, upset or harassment to the genuine holder(s) of the >address(es) forged.
    While re-mailers may disclaim responsibility, the comments posted via them have
    led to them being blocked in some countries. In 2014, dizum.com (a Netherlands-
    based remailer) was seemingly blocked by authorities in Pakistan,[citation >needed] because comments an (anonymous) user of that service had made concerning
    key figures in Islam.
    See also
    Anonymity
    Anonymity application
    Anonymous blogging
    Anonymous P2P
    Anonymous remailer
    Cypherpunk anonymous remailer (Type I)
    Mixmaster anonymous remailer (Type II)
    Mixminion anonymous remailer (Type III)
    Anonymous web browsing
    Data privacy
    Identity theft
    Internet privacy
    Personally identifiable information
    Privacy software and Privacy-enhancing technologies
    I2P
    I2P-Bote
    Java Anon Proxy
    Onion routing
    Tor (network)
    Pseudonymity, Pseudonymization
    Pseudonymous remailer (a.k.a. nym servers)
    Penet remailer
    Traffic analysis
    Winston Smith Project
    Mix network
    References
    1. du Pont, George F. (2001) The Time Has Come for Limited Liability for
    Operators of True Anonymity Remailers in Cyberspace: An Examination of the
    Possibilities and Perils Archived 2016-03-05 at the Wayback Machine"Journal
    of Technology Law & Policy"
    2. Froomkin, A. Michael (1995). "Anonymity and its Enmities". Journal of Online
    Law. 1. Rochester, NY. art. 4. SSRN 2715621.
    3. "Johan Helsingius closes his Internet remailer" (Press release). 1996-08-30.
    Archived from the original on 2016-03-03. Retrieved 2014-10-09.
    4. Danezis, George; Syverson, Paul (2006). Eclipse Attacks on Tor. Privacy
    Enhancing Technologies. doi:10.1007/11957454_4.
    5. "Onion Courier: Anonymous email over Tor". GitHub. Retrieved 2025-06-30. >6. Dingledine, Roger (2004). "Tor: The Second-Generation Onion Router" (PDF).
    USENIX Security Symposium.
    7. "Amnesty Box". Archived from the original on 14 April 2012. Retrieved 29
    March 2012.
    8. "Recommendations for Anonymous Remailer Policy at Oberlin College".
    www.cs.cmu.edu. Archived from the original on 2021-09-04. Retrieved 2021-09-04.
    9. "DIZUM FAQ". Archived from the original on July 10, 2010. Retrieved November
    1, 2012.
    Remailer Vulnerabilities
    Email Security, Bruce Schneier (ISBN 0-471-05318-X)
    Computer Privacy Handbook, Andre Bacard (ISBN 1-56609-171-3)
    Categories:
    Anonymous file sharing networks | Internet Protocol based network software |
    Routing Network architecture | Cryptography
    This page was last edited on 30 June 2025, at 14:51 (UTC).
    [end quoted plain text]

    --- Synchronet 3.21d-Linux NewsLink 1.2