From: "Attila T. Hun" <attila@primenet.com>
Date: Tue, 11 Feb 1997 06:27:10 -0800 (PST)
To: zinc <cypherpunks@toad.com>
Subject: Re: lead remailer is shut down
Message-ID: <199702111427.GAA19963@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

on or about 970207:0339 zinc <zinc@zifi.genetics.utah.edu> said:

+i came in today to find they (university system admins) had pulled the
+plug on my machine.  this is all because some luser spammed usenet
+using the remailer on my machine.  thanks a lot.

+so, the lead remailer is gone for good; it lasted almost exactly one
+year. 

    that is the universal problem.  we make the remailer chains so they 
    guarantee privacy, but we cannot filter for spam...

    unless it is the last mixmaster in the chain.  it sounds like we
    need a postprocessor which can 

    1)  contain addresses and domain numbers of known spammers; 

    2)  log senders to obtain a usage profile (over a very short time, 
        and that is itself encrypted) which can spot enormous expansion 
        headers.  for instance, linda thompson is accusing a cypherpunk 
        [more like a cypherpunk hater] of faking her address on 
        threatening material to all 100 senators plus Al Bore; 

        interestingly, the perpetrator left enough information in the
        header, which was returned for addressing Al Bore incorrectly, 
        to be able to narrow the field; and,

    3)  most spamming seems to follow a pattern which it should be
        possible to scan for. the problem, of course, being that 
        "innocent" messages will potentially be trashed.

    whatever it takes, there are a finite number of sites which can host 
    remailer traffic.

    for instance, I have been debating whether or not we can afford the 
    load on our single T1 which is currently supporting 200 simultaneous 
    ppp connections plus some high-volume commerical web pages. We are 
    at least a year away from T3 due to lack of circuit facilities.

    let's figure a way to stop at least some of the abuse; you can not 
    stop the individual abuse, but does a spammer have any rights?

        --attila

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: latin1
Comment: No safety this side of the grave. Never was; never will be

iQCVAwUBMv4nxb04kQrCC2kFAQHAngP+J+JRSKLXsLcug00moPK78brGzzmSTRVI
BQmHM9845OWXazbQVj6Q9+HiV5I+7wGY2INm7i6PI9ebNRptORfCTlHkmMzrwfmj
Ji/WzhDkJ0eRvmDwHxBuq5unqYLe9ACtMrOCGQo+EYywNcscsXKKuMvFKAPC/Bp8
M46FHO9AphM=
=NEYd
-----END PGP SIGNATURE-----