Location: Home / FAQ / Remailers FAQ

· Email Privacy
· Privacy Tips
· FAQ
   · Crypto FAQ
   · General Mail FAQ
   · Remailers FAQ
· Test Your Email
· Remailers List
· Useful Software
· Useful Links
· Tell a Friend

· Public Web Proxies
· Stay Invisible

	Link Exchange

Remailers FAQ

What is a remailer?
Why would you use remailers?
Are there many remailers?
Are they free-of-charge ?
How does a remailer work?
What is the difference between a "PSEUDO anonymous" and an "anonymous" remailer?
How safe are remailers?
Which remailers are good? Reliable? Secure?
Are the web-based e-mail accounts remailers?
How long will it take for my message to get to its recipient?
Can I receive a reply from the recipient of my message?
What is chaining?
Are there any weak points in the remailers chains ?
What is better: web interface or a remailer client program?
What is a Cypherpunk Remailer?
What is a Mixmaster Remailer?

What is a remailer?

A remailer is a program that runs on a computer somewhere in the Internet. It allows you to send electronic mail to a news group, or to a person, without revealing your true name or e-mail address to the recipient. When you send mail to the remailer address, the remailer takes your name and your address off of the mail header and forwards it to its next destination. The recipient gets mail that has no evidence of where it originally came from, at least not in the headers.

Why would you use remailers?

Maybe you don't want people "spamming" or "flaming" your e-mail address. Maybe you're seeking employment via the Internet and you don't want to jeopardize your present job. Possibly you want to place personal ads. In short, there are many legitimate reasons why you, a law abiding person, might use remailers.

Are there many remailers?

Yes, there are dozens of popular remailers.

Are they free-of-charge ?

Not all of them. A number of services either charge user fees, or support themselves via advertisers.

How does a remailer work?

It strips away real names and addresses, gives a new identity, and forwards the message to a news group or a persona. This process protects everyone's privacy. This process is tedious for a person but easy for a computer.

What is the difference between a "PSEUDO anonymous" and an "anonymous" remailer?

Most people use the expression "anonymous remailer" as short hand for all types of remailers. This causes confusion. A "PSEUDO anonymous" remailer is basically an account that you open with a remailer operator. This means that the operator knows your real e-mail address. Your privacy is as good as the remailer operator's power and integrity to protect your records. Truly ANONYMOUS remailers provide much more privacy than PSEUDO anonymous remailers. However, in general, they are much harder to use than the PSEUDO anonymous.

How safe are remailers?

For most low-security tasks, such as responding to personal ads, using PSEUDO anonymous remailers with passcode protection is undoubtedly safer than using real e-mail addresses. But the person who runs your e-mail system might intercept your secret messages to and from the remailer. It's possible that some intruders broke into the remailer (unbeknownst to the remailer's administrator) and that they can read your messages at will. If you use a United States based remailer, a U.S. judge could subpoena the remailer's records.

Which remailers are good? Reliable? Secure?

The "good" and "reliable" remailers are the ones that work for you and have the feature set you need or want. The "secure" remailers are the ones operated by those who do not monitor the traffic passing through them and have good security policies in place on their networks and machinery to prevent their remailer from being penetrated by unauthorized parties and subsequently compromised. Since you can never know for yourself how "secure" any individual remailer is, you should always use encrypted chains of remailers to send your messages.

Are the web-based e-mail accounts remailers?

These e-mail accounts can provide a measure of privacy, if you sign up for them using an alias, pick good passcodes, and access your account carefully. But generally, these services are designed for convenience, not privacy or security.

How long will it take for my message to get to its recipient?

Your e-mail message can go through several systems before it reaches its final destination. So, it varies from the length of the way and, also, from the type (type 1 or type 2) of the remailer, but usually, it's no more than half a day, and sometimes quicker. But if it's been about a day and your message did not arrived, it's a good idea to try sending your message again.

Can I receive a reply from the recipient of my message?

Not automatically. The "From:" line of your message will give no indication of who you are, and will not provide a means for your recipient to contact you. If you put a return address in the body of your message, your recipient can contact you that way.

What is chaining?

Chaining is using more than one remailer to send your encrypted message. Basically, you send a message to remailer A with instructions to send it to remailer B, which in turn finds instructions to send it to remailer C, and so on, until the final recipient receives the message. The intention is to obfuscate the origin of the e-mail and/or (with the help of encryption) the content of the message body. At any given point on it's route, such a message will reveal only where it came from and where it is going. If the message was not chained (only one remailer was used) then that remailer operator or a successful traffic analyst can know the true source and destination of the message.

Are there any weak points in the remailers chains ?

Yes. Since your message must enter the remailer network somewhere, that first remailer operator can always know where the message is really coming from. He knows as much about you as can be revealed from your e-mail headers. But if your message is chained to another remailer and encrypted with that remailer's key, then the first remailer and anyone snooping his traffic cannot read your message.

What is better: web interface or a remailer client program?

Using web interface is not as secure as using a remailer client on your own system. Also, don't forget that if you aren't using SSL to connect to remailer, your submissions will be visible to anyone that can sniff your session. So, if possible, use SSL to connect to remailers.

What is a Cypherpunk Remailer?

Also referred to as a Type I, this is a remailer that accepts messages encrypted with its publicly available PGP key. Keep in mind, too, that there are currently only a few Cypherpunk (Type I) remailers that will accept non-PGP messages and their number is dwindling.

What is a Mixmaster Remailer?

Also known as a Type II remailer, this kind of remailers accepts messages in the Mixmaster format. It doesn't use a PGP key but, instead, it uses it's own Mix key based on RSA and Triple-DES encryption. Messages are sent through chains of Mixmaster remailers. Each remailer removes one layer of encryption, and forwards the message. When the final remailer delivers the decrypted message to the recipient, it is impossible to find out where it came from even if part of the remailer chain is compromised. Mixmaster remailers improve on Cypherpunk remailers by making traffic analysis much more difficult. They do it by making all incoming and outgoing messages the same size (28.1kb) and by re-ordering messages before delivery - so that the traffic coming in cannot be associated necessarily with the traffic going out.

© 2003-2005 Glastonberry Inc. | Policy

Powered by WebGUI | Staff Login