[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: WebDesignHQ Flash SiteBuilder Newsletter

On Sun, 25 Aug 2002 06:37:52 -0500 
Harmon Seaver <hseaver@cybershamanix.com> wrote:

> People posting anonymously thru a remailer aren't going to be able
> to confirm their address.

There are two forms of remailers which for the sake of description I'll
call single and double blind.  Single blind remailers hide the identity
of the poster but provide an email by which he may be reached (remember
anon.penet.fi?).  Double blind remailers hide both ends from each other
(eg mixmaster).  

Neither need change their operation in the slightest.

>> Spammers who never confirm never make it to the list.  The rare
>> spammers who do confirm are easily tracked and blacklisted.  If you
>> really need to support double blind remailers just log the TMDA
>> confirms to a central site where they can be browsed.  Double blind
>> remailers then pick up the confirm tokens for their own posts and
>> punch them thru to the list.
 
> You can't expect the remailers to change their method of operation to
> work with this.

I don't expect them to change a single line of code or a single aspect
of their operations.

TMDA confirmations require that a special address receives an email.
The *fact* of that address receiving an email releases the matching
single held message.  It doesn't care where the message is sent from,
just that it gets one.  (If it doesn't after N days the held message is
silently deleted)  How it works:

  The mixmaster user emails the list

  His message is held by TMDA

  He browses the list of held messages and finds the
  token/special_address for his message

  He emails that address (blank message is fine, thru mixmaster again is
  fine) to release his message to the list

Yes, the double blind remailer user has to do extra work to retain his
privacy _AND_ post to the list.  This is hardly a surprise: they are
already having to do extra work to retain their privacy.  The fact that
he now also checks a web page or a public read-only IMAP folder as well
is hardly onerous.

-- 
J C Lawrence                
---------(*)                Satan, oscillate my metallic sonatas. 
claw@kanga.nu               He lived as a devil, eh?		  
http://www.kanga.nu/~claw/  Evil is a name of a foeman, as I live.

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/