Tuesday, December 27, 2005

Intro to Remailers

How often have you thought of having anonymity in the emails that you send? It would have been really great to have that power, something like The Invisible Man. But what if someone told you that it is really possible to send emails without your identity being disclosed? The only criterion that people should practice is a bit of discretion while using such services. For with power comes responsibility. This article won’t tell you where you will get such services nor the setup procedure. If you are really interested do your own little scouting. I am just going to elaborate a bit on remailers; yes these anonymous services are coined as remailers.

A remailer is a service that provides anonymity to the sender of an email or newsgroup post by acting as an intermediary between the sender and receiver. The sender’s message goes first to the remailer, which strips away the headers associated with the sender, replacing them with its own. It then forwards the mail to its final destination. The receiver cannot deduce the origin of the mail or post by looking at its headers –- only the remailer’s headers will appear.

There are a myriad of practical reasons to use a remailer. For example, remailers can provide anonymous participation in USENET support groups to keep employers, or even children and spouses from Googling personal posts. Remailers provide people of every country the opportunity for free speech (do take it with a grain of salt, free speech without harming anyone), even where local governments forbid it. They also protect the sender when the nature of the message might cause personal repercussions, as in the case of a whistleblower.

For the average Internaut, a remailer can be a useful tool for keeping your personal email address private. If you want to send feedback to a favourite website or blogger, using a remailer will ensure that they receive your message without receiving your email address. This applies to USENET messages as well. Participation in controversial debate-based newsgroups can become contentious, but a remailer will ensure you won’t have stalkers following you back to your mailbox.

Along with the freedom that a remailer provides comes responsibility. Using a remailer to harass, threaten, taunt or engage in flame wars is considered abuse of the remailer. In the headers of any remailed email or post, there is an address the receiver can email to complain of abuses. These may or may not be acted upon, depending on the owner of the remailer and the nature of the posts. Don’t accuse me later that I didn’t warn you guys earlier!!!

Though using one remailer is sufficient for casual purposes, several remailers can be used in a “chain” to make the message harder to track and provide even greater security. In this case, the first remailer in the chain strips away your headers and sends the mail to another remailer. That remailer does the same, stripping away the previous remailer’s headers and sending the message to the next remailer in line, until finally the message is delivered. At the end point, tracing the origin of the message only gets as far as the last remailer in the chain. If there are still server records available, the message might be able to be tracked back one more step, but the sleuth would run into the same problem at that juncture. Remailers, as a matter of security, allege to delete all messages off their servers daily, precisely to eliminate having to turn over server records to authorities.

Anyone with skill can run a remailer. It is widely believed among the remailing community that some remailers are probably run by government agencies. Even a nobody like “Swarnendu” can run an unscrupulous remailer, reading messages that pass through his server. For this reason, most people who use a remailer encrypt their messages with PGP (Pretty Good Privacy). The message is only unencrypted at the end of the chain. Without using PGP, your message may be anonymous to the receiver, but it will be available to all of the remailers in between. Now this is not what you want, or does it not bother you?

Many freeware programs are designed to deliver email and newsgroup posts via remailers. Purists contend that using remailers manually with these programs is safest, though will be a learning curve involved. There are also remailing services on the Web that automate the process and are probably sufficient for most of our purposes (nothing except playing pranks). But on a serious note, purists reject Web services because there is no real guarantee that the service itself does not employ a “back door.”

No comments: