1993-02-23 - Remailer Changes

Header Data

From: nowhere@bsu-cs.bsu.edu (Chael Hall)
To: cypherpunks@toad.com
Message Hash: bc67011e821f9ba4a72e5c690e1988e5890538ae3d9f1aa563aee01f4f6b756b
Message ID: <9302230050.AA14615@bsu-cs.bsu.edu>
Reply To: N/A
UTC Datetime: 1993-02-23 00:53:29 UTC
Raw Date: Mon, 22 Feb 93 16:53:29 PST

Raw message

From: nowhere@bsu-cs.bsu.edu (Chael Hall)
Date: Mon, 22 Feb 93 16:53:29 PST
To: cypherpunks@toad.com
Subject: Remailer Changes
Message-ID: <9302230050.AA14615@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain



     I had an idea just a bit ago.  Here is the scenario:  a user wants
to know what my anonymous ID for nowhere@bsu-cs.bsu.edu is on anon.penet.fi.
All he has to do is send a message like the following to my account:

From: whomever@wherever.com
To: nowhere@bsu-cs.bsu.edu
X-Anon-To: anXXXX@anon.penet.fi  <-- his anon ID

...

     Then, that message will eventually get to him with my remailer's
anonymous ID on it!  That ID is the same as my personal ID.  Oops...
So, I made up a refuse list for the remailer.  Any address that contains
a "to" address that is on my refuse list will not be mailed to.  Complete
addresses can be used or just partial ones (for example "anon.penet.fi".)
I know that this also makes it impossible to mail to other users on the
penet site...  Oh, well.

     I just implemented the refuse list, so it will just "eat" any message
that is sent to an address on the refuse list.  No error message is sent
back to the user, it just doesn't get sent.  So, I guess my anonymous ID
is safe afterall.  :)  I would suggest that everyone else (if they
haven't already) refuse to remail to anon.penet.fi if their remailer is
setup on their personal account.

Chael Hall

--
Chael Hall
nowhere@bsu-cs.bsu.edu, 00CCHALL@BSUVC.BSU.EDU, CHALL@CLSV.Charon.BSU.Edu
(317) 285-3648 after 5 pm EST





Thread