From: Adam Back <aba@dcs.ex.ac.uk>
To: andy@CCMSD.chem.uga.edu
Message Hash: cac4c6bef82769c97f623c0d8804b62be8d63faa29214b327a4f34eb24353cb0
Message ID: <199708080223.DAA01636@server.test.net>
Reply To: <Pine.LNX.3.94.970807215626.2843K-100000@neptune.chem.uga.edu>
UTC Datetime: 1997-08-08 08:54:51 UTC
Raw Date: Fri, 8 Aug 1997 16:54:51 +0800
From: Adam Back <aba@dcs.ex.ac.uk>
Date: Fri, 8 Aug 1997 16:54:51 +0800
To: andy@CCMSD.chem.uga.edu
Subject: Re: disposable remailers (was Re: Eternity Uncensorable?)
In-Reply-To: <Pine.LNX.3.94.970807215626.2843K-100000@neptune.chem.uga.edu>
Message-ID: <199708080223.DAA01636@server.test.net>
MIME-Version: 1.0
Content-Type: text/plain
Andy Dustman <andy@CCMSD.chem.uga.edu>
> > Wasn't there an email forgery web page around for a while. The idea
> > was that you filled in the details of who you wanted to send to, what
> > address you wanted it to appear you had sent it from, and paste your
> > message in this form box. It did some kind of crude sendmail forgery
> > for you.
>
> Hmmm. Someone has recently been forging mail to appear to be from cracker
> through something like this (very bad forgery, headers are all wrong).
I said "wasn't there", as in past tense. It got nuked years ago now
(literally) because of complaints. When I looked at the page it still
had the text but a note that it was disabled, and why.
Just wandering if anyone knew if anyone else had set up something more
recently that still worked.
> > You'd not want to use the same public access account regularly.
>
> I'm not thinking of an account so much as maybe a PC in a university
> computer cluster. Pick one and go. At a big university there should be
> several clusters around campus.
You might get away with that for a pretty long time, I guess.
> > I think the connecting to the web based interface of one of those free
> > web gateways via www.anonymizer.com web based interface has potential.
>
> It does, but I know The Anonymizer blocks some sites, at their request.
Right. So there is one anonymizer, and if we make a big game of using
this method, Lance will get threats, and at best be asked to block
them. We need something more distributed.
That network of anonymizers isn't here yet.
> > How much trouble can you get in with ISPs for forging email? Do they
> > care?
>
> Mindspring cares. My ISP was absorbed by them about two weeks after I
> signed up. They say in their terms of service that impersonating someone
> else is forbidden, but they specifically allow the use of anonymous
> remailers and nicknames. I assume this means forging is frowned upon,
> unless you are impersonating someone who doesn't exist, I guess.
Well I was thinking along the lines of:
bubba@dev.null
type addresses yes. You ain't imitating anyone there. I wonder if
they frown on generating non-replyable email addresses though.
Non-existant domains. I speculated in the previous post that perhaps
the habit of using:
gizmo@netcom.com.NOSPAM
might make ISPs accustomed to having people use non-replyable email
address all the time.
Adam
--
Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
Return to August 1997
Return to “Wei Dai <weidai@eskimo.com>”