From owner-freebsd-doc@FreeBSD.ORG Tue Apr 12 06:39:29 2005
Date: 12 Apr 2005 06:39:27 -0000
Message-ID: <20050412063927.19442.qmail@nym.alias.net>
To: freebsd-doc@freebsd.org
From: Help Message
Subject: Instructions for using nym.alias.net
List-Id: Documentation project

INSTRUCTIONS FOR NYM.ALIAS.NET
$Revision: 1.77 $

TRANSLATIONS OF THIS DOCUMENT

A German version of this text is available at http://www.iks-jena.de/mitarb/lutz/anon/n.a.n.help.html.

Polish-language material on pseudonyms is available from hyperreal at http://www.hyperreal.art.pl/cypher/remailer/nym.html.

ADDITIONAL HELP

If you need help with problems which probably aren't bugs in the server software, please direct your questions to the newsgroup alt.privacy.anon-server or to the maintainer of the client software you are using (if appropriate).

NOTICE

For the very latest version of this file, finger or send mail to . An HTML version of this file is available by fingering or sending mail to . The version of this file on the nym.alias.net web page is sometimes a few days older than the version available directly from nym.alias.net.

PGP 5.0

Nym.alias.net does not support PGP 5. It is recommended that you use PGP 2.6.2 (or a more recent version of PGP 2) with nym.alias.net, though PGP 5.0 might work in compatibility mode.
Nym.alias.net will not support PGP 5 until a stable, free, legal (in the US) version is available in source form.

INTRODUCTION

The nym.alias.net server allows you to send and receive E-mail pseudonymously through a username of your choice on nym.alias.net. If, for instance, you choose username , you will be able to send and receive E-mail at that address, and even get fingered at that address.

The system is designed to prevent anyone, even the administrators of nym.alias.net, from finding out the real person behind any mail alias. If you use this service properly, an adversary will have to compromise multiple remailers operated by different people in order to find out your real identity.

For each mail alias or "nym" (short for pseudonym) on nym.alias.net, the server has on file a PGP public key, a reply block, and a few configuration parameters.

The PGP public key is used to authenticate both configuration requests for your nym and outgoing messages you wish to send from your nym.alias.net address. Such messages should be sent to nym.alias.net anonymously, to avoid any connection between your real E-mail address and your pseudonym. The PGP key can also be used to encrypt any mail received for before that mail is forwarded to you through the remailer network.

The reply block contains instructions for sending mail to your real E-mail address (or to a newsgroup such as alt.anonymous.messages if you want your mail delivered there). These instructions are successively encrypted for a series of so-called Type-1 remailers in such a way that each remailer can only see the identity of the next hop. To send you an E-mail message (after optionally encrypting it with your nym's PGP key), the server will prepend your reply block to that message and feed the result directly to the Type-1 remailer . [Note that this remailer is reserved for use by nym.alias.net aliases and people debugging their reply blocks, so you shouldn't see it listed in any of the standard remailer lists.]

Thus, mail you send to nym.alias.net arrives anonymously through the remailer network. Mail you receive from nym.alias.net leaves the server with an encrypted reply block, and can be sent either directly to you or to a message pool such as the newsgroup alt.anonymous.messages. When used properly, therefore, nym.alias.net provides the convenience of an ordinary E-mail address with a strong assurance that your true identity will remain a secret.

CLIENT SOFTWARE

This document describes the gory details of the E-mail message interface to nym.alias.net. While it is possible to create and decode all your nym messages manually, it is far easier to use client software which automates the process. The primary design goal of nym.alias.net was to provide the highest degree of privacy possible. This required a great deal of complexity in the message formats, complexity far better handled by client software than by humans.

If you use a Unix system, there is a program called premail which creates and manages nym.alias.net pseudonyms for you. For more information on premail, see ftp://utopia.hacktic.nl/pub/replay/pub/remailer/premail. The nym.alias.net support in premail was contributed by the author of nym.alias.net, so if you report nym.alias.net-specific problems in premail you can CC .

If you use a DOS/Windows system, you can use a program called Potato to create nyms, decrypt incoming mail and send outgoing mail from your nym. See http://www.bigfoot.com/~potatoware for more information or to download Potato.

Another DOS/Windows program for managing nyms is called EasyNym, and is available from http://home.clara.net/j.davies/easynym/.

Still another DOS/Windows program for managing nyms is called Private Idaho. See http://www.eskimo.com/~joelm/pi.html for more information on Private Idaho. A newer version of Private Idaho (recommended) is available from http://home.sn.no/~balchen/igloo/pidaho/.
Please do not contact for help with Private Idaho or Potato, as the administrators of nym.alias.net do not use either software package or have access to the hardware and operating systems necessary to try them. If you have problems with these software packages, try asking for help in the newsgroup alt.privacy.anon-server. In addition, the unofficial nym.alias.net/PI instructions at http://www.dnai.com/~wussery/pgp.html may be of use, too.

SETTING UP A MAIL ALIAS

To create a new alias on nym.alias.net, you will need to generate a PGP key for that alias, create a reply block for receiving mail sent to that alias, and finally send both of these to in a configuration message.

This process is somewhat complicated, and can easily go wrong. For this reason it is recommended that you use one of the programs described in the section on "CLIENT SOFTWARE" if you can. If you do create an alias manually and you run into problems while setting things up, skip to the section on "PROBLEMS AND SOLUTIONS" at the end to see if you are making a common mistake.

An alternate, unofficial, and perhaps less technically daunting description of setting up a pseudonym can be found at http://www.stack.nl/~galactus/remailers/nym.html.

GENERATING A PGP KEY FOR YOUR NYM

To generate a new PGP public/private key pair for use with your nym, run the command `pgp -kg'. PGP will ask you to enter a user ID for your public key. What you choose for a user ID depends on how you intend to use your nym's PGP public key. There are two approaches you can take:

1. Publish your nym's key.

If you want to sign messages directly with your nym's PGP key and have others encrypt mail with that key, you should choose a PGP user ID that contains your nym.alias.net E-mail address in angle brackets. For instance, an ID like this:

    A Test User

If you do this, you will be able to submit your key to the PGP key servers and even make it available via finger at nym.alias.net (see the +fingerkey Nym-command below).

Be aware, however, that publishing your nym's PGP key may put your privacy at risk. PGP does not protect the identities or fingerprints of keys on your private key ring; only the keys themselves are protected by a passphrase. If your nym's PGP key is publicly available, anyone with access to your secring.pgp file (or a backup of it) will be able to figure out that the public key belongs to you. Thus, you should only publish your nym's PGP key if your secring.pgp file is secure, or if you have software such as premail (finger premail-info@nym.alias.net) that will encrypt entire PGP keyrings for a pseudonym account.

2. Keep the public key secret.

Alternatively, you can prevent your PGP key from being traceable to your nym account. For this approach, you should pick a user ID that is not very descriptive and gives no indication of either your real E-mail address or your nym address. Though PGP will not allow a null user ID, you can choose a user ID which is only a space, or something seemingly unimportant like `test key'. Do not sign your PGP key if you want to keep it secret. Do not submit it to any key servers, give it out to people, or use it to sign messages that aren't also sent to and encrypted for or .

Note that even if you don't publish your nym's PGP key, you can have the nym.alias.net server sign your outgoing mail with its own PGP key. This can be used to guard against simple mail forgeries. Obviously, however, it is preferable to use your own PGP key if you can do so safely.

Whichever approach you choose, make sure you never use your nym public key for any non-nym related purposes. Your nym secret key should probably have a different passphrase from your regular PGP key to help prevent you from using it in the wrong context. You may also wish to put a line like:

    MYNAME =

in the file $HOME/.pgp/config.txt (which you can create if it does not already exist). This explicitly tells PGP to use your regular PGP key rather than your nym key by default.
Once you have a PGP key for your pseudonym, you can extract it to a file, for instance by executing this command from your shell:

    pgp -fkxa "nym key ID" > tmpfile

On Unix systems, you may wish to make sure tmpfile cannot be read by any other users. For this you can run the command `umask 077' first.

Here and in the rest of this document, "nym key ID" is the user ID you chose for the PGP key you generated, or some unique substring of that user ID. If you chose option one above (publishing your nym key), then you can just use yournym@nym.alias.net as the nym key ID. Otherwise, you will need to use whatever user ID you did choose. Note that if the user ID you type contains any spaces, you will need to surround the whole thing with double quotes, as shown above. (You can surround it with double quotes anyway--it won't hurt anything.)

CREATING A REPLY BLOCK

Another explanation of how to create reply blocks is available on the help page of the now defunct alpha.c2.org remailer: http://www.well.com/user/abacard/alpha.html. Note that alpha.c2.org did not run the same software as nym.alias.net, so only the description of reply blocks will be relevant on this web page, not any other description of how the service worked.

To create a reply block, first choose some passphrases for shared-key, conventional encryption with "pgp -c". Suppose you want your message encrypted first with your nym's public key, then with shared key "passphrase_b", then with shared key "passphrase_a". Create a remailer message like this:

    ::
    Anon-To: you@your.email.address
    Latent-Time: +0:00
    Encrypt-Key: passphrase_a
    **

Here "Latent-Time: +0:00" will prevent any delay. You can and should use something longer, or omit the Latent-Time header, if you want more security. Note that if for passphrase_a you choose a passphrase with a space character in it, some remailers may require you to surround the passphrase with quotes (though other remailers may not understand the quotes).
You will need to encrypt the above message with a remailer's PGP public key. Note that the remailers used in this example do not exist any more; they are here only as examples. You can get an up-to-date list of remailers and their public keys from http://www.cs.berkeley.edu/~raph/remailer-list.html, or by fingering remailer-list@kiwi.cs.berkeley.edu. On this list, only remailers that have all three of the "cpunk", "pgp", and "ek" properties should be used for reply blocks. In addition, make sure the remailers you choose are listed in the statistics section lower down on the page (some of the remailers listed in the top section are no longer functional). You can add the PGP keys of all the remailers to your PGP public key ring by running:

    finger pgpkeys@kiwi.cs.berkeley.edu | pgp -fka

Once you have selected a remailer, for example , and have added that remailer's key to your PGP public keyring, encrypt the above message with that remailer's key. If the above were stored in a file rblock1, for instance, you would encrypt the message with the command:

    pgp -eat rblock1 remailer@utopia.hacktic.nl

to yield a file called rblock1.asc with ciphertext like this:

    -----BEGIN PGP MESSAGE-----
    Version: 2.6.2

    hIwC/nqSW1QDQfUBBACknZMV93wFS2CH0orlgslmEm+alhjI1eKwbbTTmeRWC5Rg
    /S3vZw+95ZuCZfqxKE0XrgZXzOEwfoyBcpVvf9Pb9D19TqEMTmmL/Jpl1xcxmbJ2
    OGsHpQ/TxpazBCVhdBmPblj5wWvwfG1+ZKpIkQ5hiLJhryQM/TUDarEscs3zdaYA
    AAB5231aMcQ74AKoDZizABMF3Tw+olV4mm4jVo9cMn2B3Rj2XBFl4pV9VL3h0ZQB
    cPY/ytBRyZPugr0NpLgjO+q6mEjCcgQrxpYQ+1PvFPdDx1GmJ5ogZqW+AVHsNqAp
    vRoiG8ZhXs4r3E8liFsNtMMf6CUAsdV2ZoX1Hw==
    =Bla3
    -----END PGP MESSAGE-----

Prepend to this the following header:

    ::
    Encrypted: PGP

Finally add another set of remailer commands to send the above ciphertext to the remailer for which you just encrypted--remailer@utopia.hacktic.nl in this example. The result should look like this:

    ::
    Anon-To: remailer@utopia.hacktic.nl
    Latent-Time: +0:00
    Encrypt-Key: passphrase_b

    ::
    Encrypted: PGP

    -----BEGIN PGP MESSAGE-----
    Version: 2.6.2

    hIwC/nqSW1QDQfUBBACknZMV93wFS2CH0orlgslmEm+alhjI1eKwbbTTmeRWC5Rg
    /S3vZw+95ZuCZfqxKE0XrgZXzOEwfoyBcpVvf9Pb9D19TqEMTmmL/Jpl1xcxmbJ2
    OGsHpQ/TxpazBCVhdBmPblj5wWvwfG1+ZKpIkQ5hiLJhryQM/TUDarEscs3zdaYA
    AAB5231aMcQ74AKoDZizABMF3Tw+olV4mm4jVo9cMn2B3Rj2XBFl4pV9VL3h0ZQB
    cPY/ytBRyZPugr0NpLgjO+q6mEjCcgQrxpYQ+1PvFPdDx1GmJ5ogZqW+AVHsNqAp
    vRoiG8ZhXs4r3E8liFsNtMMf6CUAsdV2ZoX1Hw==
    =Bla3
    -----END PGP MESSAGE-----
    **

Note two things about this message. First, there must be a blank line before the second `::'. Second, you must add `**' to the end of your message. `Encrypt-Key:' will cause everything below the `**' to be encrypted. If you don't include it, remailers will either fail to encrypt your mail or even discard it.

For greater security, you should now repeat this process some number of times so that mail to your pseudonym travels through multiple remailers. Pick another remailer from the list. Encrypt the entire above message from and including the first `::' up to and including the `**', and add a new set of headers for sending to the second remailer you have just picked. The result will look just like the above message, only with a larger PGP portion and different `Anon-To:' and `Encrypt-Key:' headers.
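The layering described above can be followed end to end with a small simulation. This is an added example and is not part of the original instructions or of the nym.alias.net software: a toy XOR stream cipher stands in for PGP (both for "pgp -c" shared-key encryption and for each remailer's public key), so only the message structure and the order of the Encrypt-Key layers are realistic. The remailer secrets, the recipient address and the payload text are constructed, and the chain builder generalizes the two-hop example above to any number of hops.

```python
import base64
import hashlib

# Constructed secrets for the remailers named in the document's example.  A real
# hop holds a PGP private key; here each "key" is just a string.
REMAILER_KEYS = {
    "remailer@utopia.hacktic.nl": "utopia-secret",
    "cpunk@remail.ecafe.org": "ecafe-secret",
}


def toy_cipher(key, data):
    """Stand-in for PGP (both `pgp -c' and remailer-key encryption): XOR with a
    SHA-256 counter keystream.  Symmetric, so the same call decrypts.  It only
    makes the layering visible and offers no security."""
    out = bytearray()
    for n, off in enumerate(range(0, len(data), 32)):
        keystream = hashlib.sha256(f"{key}:{n}".encode()).digest()
        out.extend(b ^ k for b, k in zip(data[off:off + 32], keystream))
    return bytes(out)


def make_layer(anon_to, passphrase, inner=None):
    """One reply-block layer.  The innermost (inner is None) is the plain `::'
    block ending in `**'.  Each further layer encrypts the previous one for the
    remailer that will open it (anon_to) and wraps it in new Anon-To and
    Encrypt-Key headers followed by an `Encrypted: PGP' block."""
    head = ["::", f"Anon-To: {anon_to}", "Latent-Time: +0:00", f"Encrypt-Key: {passphrase}"]
    if inner is None:
        return "\n".join(head + ["**"])
    blob = base64.b64encode(toy_cipher(REMAILER_KEYS[anon_to], inner.encode())).decode()
    return "\n".join(head + ["", "::", "Encrypted: PGP", blob, "**"])


def build_reply_block(hops):
    """hops: (Anon-To, Encrypt-Key) pairs from the final recipient outwards, the
    order in which the document has you encrypt them by hand."""
    block = None
    for anon_to, passphrase in hops:
        block = make_layer(anon_to, passphrase, block)
    return block


def remailer_process(name, message):
    """Model of one Type-1 remailer hop: returns (next address, forwarded text).
    Everything after the `**' line is the payload; it gets encrypted with the
    Encrypt-Key of the layer this hop can read before being passed on."""
    lines = message.split("\n")
    stars = lines.index("**")
    block, payload = lines[:stars], "\n".join(lines[stars + 1:])
    assert block[0] == "::", "a remailer message starts with a `::' block"
    headers, i = {}, 1
    while i < len(block) and ": " in block[i]:
        key, value = block[i].split(": ", 1)
        headers[key] = value
        i += 1
    if headers.get("Encrypted") == "PGP":
        # Open the block encrypted for this hop; it reveals the next `::' layer.
        inner = toy_cipher(REMAILER_KEYS[name], base64.b64decode(block[i])).decode()
        return remailer_process(name, inner + "\n" + payload)
    rest = block[i + 1:]  # `Encrypted: PGP' block for the next hop; empty at the last layer
    sealed = base64.b64encode(toy_cipher(headers["Encrypt-Key"], payload.encode())).decode()
    forwarded = "\n".join(rest + ["**", sealed]) if rest else sealed
    return headers["Anon-To"], forwarded


def deliver(reply_block, payload):
    """What the nym server does: prepend the reply block to a message and hand it
    to the first remailer.  Returns the addresses visited and the final text."""
    hop, message, trail = "reserved remailer at nym.alias.net", reply_block + "\n" + payload, []
    while True:
        hop, message = remailer_process(hop, message)
        trail.append(hop)
        if hop not in REMAILER_KEYS:  # left the remailer network: delivered
            return trail, message


def decrypt_received(received, passphrases):
    """Peel the shared-key layers in the order the document gives: the key of the
    outermost (last-encrypted) layer first."""
    data = received
    for passphrase in passphrases:
        data = toy_cipher(passphrase, base64.b64decode(data)).decode()
    return data


# The document's chain extended to three hops, innermost layer first.  The payload
# text is constructed.
HOPS = [("you@your.email.address", "passphrase_a"),
        ("remailer@utopia.hacktic.nl", "passphrase_b"),
        ("cpunk@remail.ecafe.org", "passphrase_c")]
PAYLOAD = "(stand-in for the message PGP-encrypted with the nym's public key)"


def demo():
    trail, received = deliver(build_reply_block(HOPS), PAYLOAD)
    return trail, decrypt_received(received, ["passphrase_a", "passphrase_b", "passphrase_c"])
```

Running demo() shows the mail visiting cpunk@remail.ecafe.org, then remailer@utopia.hacktic.nl, then you, and the recipient recovering the payload only by decrypting with passphrase_a, then _b, then _c.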
For instance, if you chose the remailer , your reply block might now look like this:

    ::
    Anon-To: cpunk@remail.ecafe.org
    Latent-Time: +0:00
    Encrypt-Key: passphrase_c

    ::
    Encrypted: PGP

    -----BEGIN PGP MESSAGE-----
    Version: 2.6.2

    /S3vZw+95ZuCZfqxKE0XrgZXzOEwfoyBcpVvf9Pb9D19TqEMTmmL/Jpl1xcxmbJ2
    dHNr1NA6WWaIfV0pR+sluNWFxNYuTk0OFgtg8c0ABRG0Kzxjb25maWdAbnltLmFs
    aWFzLm5ldD4vPHNlbmRAbnltLmFsaWFzLm5ldD6JAJUDBRAxumL3RMG0dWLnx9EB
    AaRTA/4xIgNrem7Yay0/rFfXgoGHUhWsZVhAlQP1fVEIRYuYEC4Biodwx3nYL31r
    9IcgBkm/DUddkfCUfroMr7wbm6GnYnrVLc4dZ9ACCjUVX7n5hvanc8/Efx0yE03l
    D+r9n5liz5X4vk65f+DIw1LykM9zTg/4GNwAENn6H5YTtg6Q+IkBFQMFEDG6YVlO
    hIwC/nqSW1QDQfUBBACknZMV93wFS2CH0orlgslmEm+alhjI1eKwbbTTmeRWC5Rg
    OGsHpQ/TxpazBCVhdBmPblj5wWvwfG1+ZKpIkQ5hiLJhryQM/TUDarEscs3zdaYA
    AAB5231aMcQ74AKoDZizABMF3Tw+olV4mm4jVo9cMn2B3Rj2XBFl4pV9VL3h0ZQB
    cPY/ytBRyZPugr0NpLgjO+q6mEjCcgQrxpYQ+1PvFPdDx1GmJ5ogZqW+AVHsNqAp
    vRoiG8ZhXs4r3E8liFsNtMMf6CUAsdV2ZoX1Hw==
    =Bla3
    -----END PGP MESSAGE-----
    **

The last remailer you encrypt for will be the first remailer your mail goes through. The last `Encrypt-Key:' header will therefore be the first key with which your message is encrypted, and the last with which you will need to decrypt received mail. With this example reply block, you would need to decrypt received mail first with "passphrase_a", then "passphrase_b", then "passphrase_c", and finally with your nym's private key.

SENDING IN A NYM-CREATION REQUEST

Once you have a PGP key and reply block for your nym, you must send a configuration request to to create the nym. A creation request contains four things: the pseudonym you wish to use, a "create" command, your nym's public key, and the reply block for your nym. The reply block must always come last in your mail message.

Suppose you wanted to choose the alias .
If you wanted outgoing mail from your nym to have From: lines like this:

    From: A Test User

and you wanted people who fingered your nym to see:

    Mail Alias: yournym
    Name: A Test User
    PGP Public-Key:
    -----BEGIN PGP PUBLIC KEY BLOCK-----
    Version: 2.6.2

    mQCNAzGf6A8AAAEEAPknqWEUA8U4+l5TFkD5Fj0COten6bbIe5bBb/1MvI+w6mFl
    z06CPb2K/Z1fzjT48ZyxwYR+S3jU3Z96JEFRl99HYh3lTIUiBHW/XtwyefF0y61x
    qYkNuUpSFh9BDBFM7N3uVvaNbzLiFnqCpZLm5ZIfrLcla3qUgkTBtHVi58fRAAUR
    tDhsY3MgbWl4bWFzdGVyIGFkbWluaXN0cmF0b3IgPG1peC1hZG1pbkBhbm9uLmxj
    cy5taXQuZWRxPokAlQMFEDGf6ClEwbR1YufH0QEBX60D/jZ5MFRFIFA1VxTPD5Zj
    Xw2bvqJqFvlwLD5SSHCVfe/ka6ALuxZGFKD/pHpUAkfv1hWqAYsJpi0cf8HSdi23
    bh5dUeLJnHHHDmd9d55MuNYI6WTi+2YoaiJOZT3C70oOuzVXuELZ+nZwV20yxe8y
    4M3b0Xjt9kq2upbCNuHZmQP+
    =jIEc
    -----END PGP PUBLIC KEY BLOCK-----

you could create a message like this:

    Config:
    From: yournym
    Nym-Commands: create +acksend +fingerkey name="A Test User"
    Public-Key:
    -----BEGIN PGP PUBLIC KEY BLOCK-----
    Version: 2.6.2

    mQCNAzGf6A8AAAEEAPknqWEUA8U4+l5TFkD5Fj0COten6bbIe5bBb/1MvI+w6mFl
    z06CPb2K/Z1fzjT48ZyxwYR+S3jU3Z96JEFRl99HYh3lTIUiBHW/XtwyefF0y61x
    qYkNuUpSFh9BDBFM7N3uVvaNbzLiFnqCpZLm5ZIfrLcla3qUgkTBtHVi58fRAAUR
    tDhsY3MgbWl4bWFzdGVyIGFkbWluaXN0cmF0b3IgPG1peC1hZG1pbkBhbm9uLmxj
    cy5taXQuZWRxPokAlQMFEDGf6ClEwbR1YufH0QEBX60D/jZ5MFRFIFA1VxTPD5Zj
    Xw2bvqJqFvlwLD5SSHCVfe/ka6ALuxZGFKD/pHpUAkfv1hWqAYsJpi0cf8HSdi23
    bh5dUeLJnHHHDmd9d55MuNYI6WTi+2YoaiJOZT3C70oOuzVXuELZ+nZwV20yxe8y
    4M3b0Xjt9kq2upbCNuHZmQP+
    =jIEc
    -----END PGP PUBLIC KEY BLOCK-----
    Reply-Block:
    ::
    Anon-To: remailer@utopia.hacktic.nl
    Latent-Time: +0:00
    Encrypt-Key: passphrase_b

    ::
    Encrypted: PGP

    -----BEGIN PGP MESSAGE-----
    Version: 2.6.2

    hIwC/nqSW1QDQfUBBACknZMV93wFS2CH0orlgslmEm+alhjI1eKwbbTTmeRWC5Rg
    /S3vZw+95ZuCZfqxKE0XrgZXzOEwfoyBcpVvf9Pb9D19TqEMTmmL/Jpl1xcxmbJ2
    OGsHpQ/TxpazBCVhdBmPblj5wWvwfG1+ZKpIkQ5hiLJhryQM/TUDarEscs3zdaYA
    AAB5231aMcQ74AKoDZizABMF3Tw+olV4mm4jVo9cMn2B3Rj2XBFl4pV9VL3h0ZQB
    cPY/ytBRyZPugr0NpLgjO+q6mEjCcgQrxpYQ+1PvFPdDx1GmJ5ogZqW+AVHsNqAp
    vRoiG8ZhXs4r3E8liFsNtMMf6CUAsdV2ZoX1Hw==
    =Bla3
    -----END PGP MESSAGE-----
    **

Note that the first line of this message was `Config:'. Any message sent to config@nym.alias.net will be silently discarded if the first line is not `Config:'!

Note that the `From:' line just contains the name "yournym", and nothing else. Do not put angle brackets or anything else on your From line. (Though as a special case, `From: yournym@nym.alias.net' will work as long as it is not surrounded by angle brackets.)

Note also that your PGP key will not be visible via finger unless the key user ID contains your nym E-mail address in angle brackets. You can also prevent your public key from being available via finger by omitting the `+fingerkey' from the `Nym-Commands:' line.

The above message must then be encrypted with the nym.alias.net public key, and signed by your nym's new private key. The nym.alias.net public key is available by fingering or sending mail to . You can run

    finger remailer-key@nym.alias.net | pgp -fka

to add this key to your public keyring. You might then run `pgp -kvc nym.alias.net' and verify that your copy of the public key has fingerprint `B6 41 A7 85 4E A8 C7 6D DD 02 18 4E 4A A9 84 E3'.

When you have the nym.alias.net public key, you can encrypt and sign your configuration request with the command:

    pgp -seat file config@nym.alias.net -u "nym key ID"

Once you have produced a PGP encrypted and signed message, mail it to through some anonymous remailers. If the name you chose is available, this will create your mail alias. You can send mail to or finger to get a list of pseudonyms already in use.

If your request is successful, you will get mail through your reply block acknowledging successful completion. In this acknowledgment, you may also be asked to confirm your reply block by sending mail to a particular confirmation address. This two-step process is necessary at times to cut back on the number of nyms with bad reply blocks which are left for dead. A new account will be deleted if the reply block has not been confirmed in one week.
Note that if you receive an acknowledgment which does not ask for confirmation, your mail alias will already be functional.

SENDING MAIL FROM YOUR PSEUDONYM

Once you have created a mail alias, you will automatically receive mail sent to that alias at nym.alias.net (encrypted first with the public key you mailed in, then with any Encrypt-Keys you specified in your reply block). To send mail from that alias, simply create a mail message, encrypt it with the nym.alias.net public key, sign it with your nym key, and mail it to . Thus, for example, create a file with the following contents (substituting the name you chose for "yournym"):

    From: yournym
    To: mail2news@anon.lcs.mit.edu
    Newsgroups: alt.test
    Subject: ignore this nym test

    just a test

Note once again that the `From:' line just contains the name "yournym", and nothing else. The contents of the From line in outgoing mail will be set by the pseudonym server, based on your account name and what you set with the `name=' `Nym-Command'. Do not put angle brackets around yournym or include anything else on the From line. (Though as a special case, `From: yournym@nym.alias.net' is also acceptable, as long as it is not surrounded by angle brackets.)

If this file is called testpost, encrypt and sign the file by running:

    pgp -seat testpost send@nym.alias.net -u "nym key ID"

This will create a file called testpost.asc, which you can then mail (through other remailers) to to post the above test message to the newsgroup alt.test.

If you used the `+signsend' Nym-Command when creating your nym, any mail you send through will be PGP signed and dated by the nym.alias.net private key to certify its authenticity. If you do not wish your mail to be signed, or if you have published your alias's public key and wish to sign messages yourself with that key, you can disable this default signing by sending a -signsend configuration command as described below.
Regardless of your nym's configuration settings, you can also enable or disable both signing and acknowledgment of outgoing mail on a per-message basis. Do so by including in your encrypted and signed E-mail message a `Nym-Commands:' header with one or two of the +signsend, -signsend, +acksend, or -acksend keywords.

Ordinarily the recipients of mail you send will be determined by the `To:', `Cc:', and `Bcc:' headers of the message, which have the usual behavior. However, occasionally you may wish to specify a list of recipients explicitly. This may be useful, for instance, if you wanted to PGP-encrypt a message for some recipients but not others. In such a case, you would need to mail two copies of the message, one encrypted and one not. However, you might still want the `To:' and `Cc:' headers to reflect the full list of recipients. You can explicitly specify the full list of recipients by listing them in a `Hidden-To:' header of your E-mail message. If a `Hidden-To:' header is present in mail you send, that header will be removed and mail will be sent to the users it lists regardless of any other headers in the mail message.

A NOTE ON POSTING FOLLOWUP MESSAGES TO USENET

In order to post a followup article to Usenet and have it appear in a thread, you must set the `Subject:' and `References:' headers of your message correctly. The subject of your message should be the same as that of the article to which you are replying, unless you are replying to the first message in a thread, in which case you should prepend "Re: " to the original subject.

To build a References header, copy the References header of the article to which you are replying, and append that article's Message-ID. If you are replying to the first article of a thread, it won't have a References header. In that case just use the article's Message-ID as your References header. Be sure to leave a space between Message-IDs in your References header.

For example, if replying to a message which includes these headers:

    Subject: Re: anonymous remailers
    References: <5dfqlm$m50@basement.replay.com>
    Message-ID: <5dko56$1lv$1@news02.deltanet.com>

your reply should contain these headers:

    Subject: Re: anonymous remailers
    References: <5dfqlm$m50@basement.replay.com>
        <5dko56$1lv$1@news02.deltanet.com>

[Note that an indented line in a message header indicates a continuation of the previous line.]

If replying to the first message in a thread, with these headers:

    Subject: Help with P.G.P
    Message-ID: <5e96gi$opv@job.acay.com.au>

your reply should contain these headers:

    Subject: Re: Help with P.G.P
    References: <5e96gi$opv@job.acay.com.au>

The References header can be trimmed to include only IDs from messages that you have quoted from or are replying to.

CHANGING OR DELETING YOUR MAIL ALIAS

To change either your public key, your reply block, or the parameters of your alias, you can simply send another message to similar to the one you used to create your nym. However, when modifying an existing nym, you can omit any fields you don't want to change. Thus, you can send a message which contains "Nym-Commands" but no Public-Key or Reply-Block, or one which contains only a new Reply-Block. Of course, do not include "Nym-Commands: create" in a configuration message for an existing nym, as your modification request will then fail.

Once again, the first line of the configuration message you send must be `Config:', and the message will need to be both signed and encrypted with

    pgp -seat message config@nym.alias.net -u "nym key ID"

as described above for sending mail.
As an example, the following message, mailed to , would set the reply block for : Config: From: yournym Reply-Block: :: Anon-To: remailer@utopia.hacktic.nl Latent-Time: +0:00 Encrypt-Key: passphrase_b :: Encrypted: PGP -----BEGIN PGP MESSAGE----- Version: 2.6.2 hIwC/nqSW1QDQfUBBACknZMV93wFS2CH0orlgslmEm+alhjI1eKwbbTTmeRWC5Rg /S3vZw+95ZuCZfqxKE0XrgZXzOEwfoyBcpVvf9Pb9D19TqEMTmmL/Jpl1xcxmbJ2 OGsHpQ/TxpazBCVhdBmPblj5wWvwfG1+ZKpIkQ5hiLJhryQM/TUDarEscs3zdaYA AAB5231aMcQ74AKoDZizABMF3Tw+olV4mm4jVo9cMn2B3Rj2XBFl4pV9VL3h0ZQB cPY/ytBRyZPugr0NpLgjO+q6mEjCcgQrxpYQ+1PvFPdDx1GmJ5ogZqW+AVHsNqAp vRoiG8ZhXs4r3E8liFsNtMMf6CUAsdV2ZoX1Hw== =Bla3 -----END PGP MESSAGE----- ** After changing your reply block, you will receive an acknowledgment through the new reply block. This confirmation may ask you to confirm your reply block, in which case you must reply to the acknowledgment message before your new reply block is put in place. To delete your alias entirely, send encrypted and signed mail with simply the lines: Config: From: yournym Nym-Commands: delete (substituting your real alias name for yournym). After deleting your alias, you should receive PGP-signed mail explicitly acknowledging the deletion of that alias. An acknowledgment simply confirming generic successful completion of your request does not indicate that your alias has been deleted. You can also verify deletion of your nym by retrieving a list of all nyms through . You can give several commands using the "Nym-Commands:" header in a message to . You can place several of these commands in a single Nym-Commands header, separated by spaces, or you can can put multiple "Nym-Commands:" headers in the same message. Valid commands are: +acksend/-acksend Enable/disable an automatic acknowledgment each time a message is successfully remailed for your alias through . This configuration option can be overridden on a per-message basis by a `Nym-Commands:' header in an outgoing mail message. 
+signsend/-signsend Enable/disable automatic PGP signing of any outgoing mail you send through the remailer. If you disable this, anyone can forge mail from your nym very easily (particularly since the sendmail program running on nym.alias.net does not add Received: headers to all mail). If you have decided to publish the public key of your nym, however, you will want to sign all outgoing messages with your nym's public key (that is sign them a second time inside the message-- will always reject a message unless it can strip off a valid signature around the whole thing). Having a nym.alias.net signature around another signature can prevent mail readers from verifying the inside signature, so you should choose the -signsend option if you want to sign all messages yourself. (See the section on "GENERATING A PGP KEY FOR YOUR NYM" for a note on the dangers of publishing your nym's PGP key.) This configuration option can be overridden on a per-message basis by a `Nym-Commands:' header in an outgoing mail message. +cryptrecv/-cryptrecv Enable/disable automatic encryption with your nym's public key of messages received for your alias. Disabling public-key encryption will reduce your privacy. However, it may also allow you to decode received mail with client software designed for the older alpha.c2.org-style pseudonym servers. Note that even when +cryptrecv is enabled, you still should use shared-key encryption between remailer hops to prevent your mail from being traced. See the section on "SECURITY CONSIDERATIONS" below for more details. +fixedsize/-fixedsize When you send the +fixedsize Nym-Command, all messages you receive will be split and/or padded to exactly the same size (roughly 10K). This padding will take place outside the public key encryption, and so will only be useful if you also use shared-key encryption. 
If you do used shared-key encryption, however, (and you really should), having all your messages be the same size will make it significantly harder for anyone to do traffic analysis on mail to your nym. +disable/-disable One of the most effective forms of attack on a pseudonymous remailer such as this is to flood the system with messages for a particular destination. Moreover, because this alias software does not know a message's final destination, it is possible that some joker could point an alias at itself (maybe even using two reply-blocks to create exponentially increasing levels of traffic). To protect against this, if you send or receive more than about 10 Megabytes of mail in one day, your alias will be disabled and further mail to you it will bounce. You will receive mail notifying you of the situation if this happens to you. At this point, you can re-enable your alias by sending a message with `Nym-Commands: -disable' to . +fingerkey/-fingerkey Allow people to obtain your nym's PGP public key by fingering your E-mail address. The Key ID on your PGP public key must contain your nym's full E-mail address in angle brackets in order to be given out through finger. Thus, a Key ID of "Test User " would be visible by fingering yournym@nym.alias.net, but a key ID of just "yournym@nym.alias.net" would not be. See the section on "GENERATING A PGP KEY FOR YOUR NYM" below for a discussion of the security implications of publishing your nym's public key. name="Your Alias Name" Typically E-mail `From:' lines contain a user's full name in addition to his/her E-mail address or account name. To set up a name to be printed in all your outgoing messages, like this: From: Your Alias Name and to have that full name appear when your nym is fingered, you should send the corresponding `name=' Nym-Command in a configuration message. Note that the outer quotes are necessary even if your name does not contain any white space. 
If your full name actually contains any quote or backslash characters, you must precede them with a backslash, as in, for instance:

    Nym-Commands: name="Billy \"the kid\" Smith"

To delete your full name so that outgoing mail only shows your alias address and finger shows a full name of '???', send the command name="".

create/create?

One of these two commands must be given when creating a new alias. The create command will fail if a nym with the chosen name already exists. The create? command will create a new nym, but can also update an existing nym if the configuration message is signed by the nym's previous private key.

delete

This command deletes your alias and wipes your reply block. As described above, you should receive PGP-signed mail explicitly acknowledging the deletion of your alias. An acknowledgment simply confirming generic "successful execution" of your request does not indicate that your alias has been deleted. Note the message will not be PGP-encrypted if you have selected -cryptrecv, but in that case encryption with the proper shared keys should provide some assurance of authenticity.

+nobcc/-nobcc

When set to +nobcc, your nym will not receive any blind carbon copies of mail messages. When you have selected +nobcc, any E-mail sent to your pseudonym will bounce if it does not display your E-mail address in a To, Cc, Resent-To, or Resent-Cc header. Apparently-To headers are ignored for the purpose of the nobcc option--mail will bounce even if you are listed in an Apparently-To header. While blind carbon copies can be a legitimate and useful mechanism, most so-called SPAM messages are sent as blind carbon copies. Thus, +nobcc may reduce the number of SPAM messages you receive at the possible expense of bouncing some legitimate blind carbon copies. -nobcc undoes the effect of a previous +nobcc command, and allows the reception of blind carbon copies again. Note: You will not be able to subscribe to any mailing lists if you select +nobcc.
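As an added example (not code from this help file or from the nym server), here is a small parser for one `Nym-Commands:' line as described above: the +flag/-flag toggles, the quoted name= value with backslash escapes, and the bare create/create?/delete commands, applied on top of the default values the help file lists. The function names and the sample line are made up for this example.

```python
"""Added example, not code from the nym.alias.net help file or server: a
parser for one `Nym-Commands:' line, applied on top of the default
settings the help file lists.  All names here are hypothetical."""

# Defaults exactly as the help file lists them:
#   -acksend -signsend +cryptrecv -fixedsize -disable -fingerkey name="" -nobcc
DEFAULTS = {
    "acksend": False, "signsend": False, "cryptrecv": True, "fixedsize": False,
    "disable": False, "fingerkey": False, "name": "", "nobcc": False,
}
FLAGS = {k for k in DEFAULTS if k != "name"}
ACTIONS = {"create", "create?", "delete"}

# Constructed sample line; the name is the help file's own escaping example.
SAMPLE_LINE = r'Nym-Commands: name="Billy \"the kid\" Smith" +signsend -cryptrecv create?'


def _read_quoted(s, i):
    """Read a double-quoted value starting at s[i] == '"'.  A backslash
    escapes the next character, so \"the kid\" yields "the kid".
    Returns (value, index just past the closing quote)."""
    i += 1
    out = []
    while i < len(s):
        c = s[i]
        if c == "\\":
            if i + 1 >= len(s):
                raise ValueError("backslash at end of quoted value")
            out.append(s[i + 1])
            i += 2
        elif c == '"':
            return "".join(out), i + 1
        else:
            out.append(c)
            i += 1
    raise ValueError("unterminated quoted value")


def parse_nym_commands(line, settings=None):
    """Apply the commands on one Nym-Commands: line.

    Returns (new_settings, actions): +flag/-flag toggles and name="..."
    update a copy of the settings; create, create? and delete are returned
    as actions for the caller.  This parser rejects anything else rather
    than ignoring it (a choice made for this example)."""
    s = dict(DEFAULTS if settings is None else settings)
    actions = []
    body = line.split(":", 1)[1] if line.startswith("Nym-Commands:") else line
    i, n = 0, len(body)
    while i < n:
        if body[i].isspace():
            i += 1
            continue
        if body[i] in "+-":
            j = i + 1
            while j < n and not body[j].isspace():
                j += 1
            flag = body[i + 1:j]
            if flag not in FLAGS:
                raise ValueError(f"unknown flag {body[i:j]!r}")
            s[flag] = body[i] == "+"
            i = j
            continue
        j = i
        while j < n and not body[j].isspace() and body[j] != "=":
            j += 1
        word = body[i:j]
        if j < n and body[j] == "=":
            # Only name= takes a value, and the help file says it must be
            # double-quoted even when it contains no white space.
            if word != "name" or j + 1 >= n or body[j + 1] != '"':
                raise ValueError(f"bad assignment starting at {word!r}")
            s["name"], i = _read_quoted(body, j + 1)
        elif word in ACTIONS:
            actions.append(word)
            i = j
        else:
            raise ValueError(f"unknown command {word!r}")
    return s, actions
```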
Default values for the Nym-Commands are:

    -acksend -signsend +cryptrecv -fixedsize -disable -fingerkey name="" -nobcc

REPLAY

The remailer keeps a replay cache, and will not accept the same message twice unless each copy has been separately signed. Thus, it is safe to send multiple copies of outgoing E-mail messages through very long remailer chains if you are worried about one copy not getting through. Whether one or more copies actually make it through, only one copy will go out. One side effect of this, however, is that if you PGP sign a test message and mail it in multiple times, it will only work the first time.

Note that signatures are only considered valid for a week. Thus, if mail comes to send@nym.alias.net more than a week after you signed it, that mail will be dropped.

MULTIPLE REPLY BLOCKS

Sometimes anonymous remailers can be unreliable, and you would like to receive two copies of all your messages through two independent remailer chains. Alternatively, perhaps you want to send one copy of each E-mail message you receive to the bit bucket through a long series of anonymous remailers. You can assign multiple reply blocks to your nym by prefixing each with "Reply-Block:" at the end of a message to . For example, the following message to :

    Config:
    From: yournym
    Reply-Block:
    ::
    Anon-To: nobody@some.remailer.machine
    Latent-Time: +0:00
    Encrypt-Key: key1

    **
    Reply-Block:
    ::
    Anon-To: you@your.email.address
    Latent-Time: +1:00r
    Encrypt-Key: key2

    **

will set up your alias to send one copy of each message you receive to immediately, and to send a second copy to after up to one hour of random delay. Of course, in order for this to be useful, you should use more complex reply-blocks which chain through multiple remailers. It may also make traffic analysis more difficult if you don't always use the same remailer path.

You can assign a probability to a reply block by adding "x=probability" to the `Reply-Block:' line (where 'x' can be any single letter variable name).
For example, consider the following reply-block:

    Reply-Block: p=0.75
    ::
    Anon-To: nobody@some.remailer.machine
    Latent-Time: +0:00
    Encrypt-Key: key1

    **
    Reply-Block: q=0.5
    ::
    Anon-To: you@through.one.remailer
    Latent-Time: +1:00r
    Encrypt-Key: key2

    **
    Reply-Block: q=0.5
    ::
    Anon-To: you@through.another.remailer
    Latent-Time: +1:00r
    Encrypt-Key: key3

    **

3/4 of the time, a copy of a message you receive will immediately be mailed to . After some random delay (up to an hour), your message will be mailed either to or to . Multiple reply-blocks with the same probability variable are mutually exclusive. Thus, since the q blocks are "q=0.5" and "q=0.5", and since 0.5 + 0.5 = 1.0, you are guaranteed to get a copy of all your mail.

Generally speaking, you will probably want all the weights associated with a particular variable to add up to 1.0 unless the reply-block is just for cover traffic. Bizarre behavior may occur if your probabilities add up to more than one--use different probability letters if you want to receive multiple copies of mail.

While the idea of using many different reply-blocks with small probabilities may seem appealing for defeating traffic analysis, keep in mind that each reply block is traceable back to you. Suppose you have 10 reply blocks for your nym, each with probability 0.1. If those reply blocks become compromised, only one of the 10 will have to be uncovered to find out your real identity.

SECURITY CONSIDERATIONS

If you care about the secrecy of your identity, then the only truly secure way of protecting it is by pointing all your reply blocks to usenet newsgroups and using a news server that does not log. See the section on "REPLY BLOCKS POINTING TO NEWSGROUPS" for instructions on doing this.
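The reply-block selection rules described under MULTIPLE REPLY BLOCKS above, as an added example that is not part of this help file or the nym server's own code: it parses the Reply-Block: sections of a Config: message, flags probability groups whose weights add up to more than 1.0 (the "bizarre behavior" case) and a few shape mistakes, and picks which blocks receive a copy of one incoming message. The sample message is the help file's own p/q example; the function names and the draw values are constructed for this example.

```python
"""Added example, not code from the nym.alias.net help file or server:
parse the Reply-Block: sections of a Config: message, lint them, and
decide which blocks get a copy of one incoming message, following the
MULTIPLE REPLY BLOCKS rules.  Function names are hypothetical."""
import re

# 'Reply-Block:' optionally followed by a one-letter variable and its weight,
# e.g. 'Reply-Block: p=0.75'.  A bare 'Reply-Block:' always receives a copy.
RB_HEADER = re.compile(r"^Reply-Block:(?:\s+([A-Za-z])=(\d*\.?\d+))?\s*$")

# The help file's own p/q example, assembled here into a Config: message.
SAMPLE_CONFIG = """\
Config:
From: yournym
Reply-Block: p=0.75
::
Anon-To: nobody@some.remailer.machine
Latent-Time: +0:00
Encrypt-Key: key1

**
Reply-Block: q=0.5
::
Anon-To: you@through.one.remailer
Latent-Time: +1:00r
Encrypt-Key: key2

**
Reply-Block: q=0.5
::
Anon-To: you@through.another.remailer
Latent-Time: +1:00r
Encrypt-Key: key3

**
"""


def parse_reply_blocks(config_text):
    """Return one {'var', 'prob', 'lines'} dict per Reply-Block: section.
    The first line must be 'Config:' (the server silently discards anything
    else); From:, Public-Key: and Nym-Commands: lines before the first
    Reply-Block: are left alone."""
    lines = config_text.splitlines()
    if not lines or lines[0] != "Config:":
        raise ValueError("first line of a config message must be 'Config:'")
    blocks = []
    for line in lines[1:]:
        m = RB_HEADER.match(line)
        if m:
            var, weight = m.group(1), m.group(2)
            blocks.append({"var": var,
                           "prob": float(weight) if weight else 1.0,
                           "lines": []})
        elif blocks:
            blocks[-1]["lines"].append(line)
    return blocks


def check_reply_blocks(blocks):
    """Lint the blocks; returns a list of problems (empty means fine).
    Every block in the help file starts with '::' and ends with '**', a
    ':: ' with trailing white space is refused by some remailers, and the
    weights for one variable must not add up to more than 1.0."""
    problems, totals = [], {}
    for i, b in enumerate(blocks):
        body = [l for l in b["lines"] if l.strip()]
        if not body or body[0].rstrip() != "::" or body[-1].rstrip() != "**":
            problems.append(f"block {i}: must start with '::' and end with '**'")
        for l in body:
            if l.rstrip() == "::" and l != "::":
                problems.append(f"block {i}: whitespace after '::'")
        if b["var"] is not None:
            totals[b["var"]] = totals.get(b["var"], 0.0) + b["prob"]
    for var, total in sorted(totals.items()):
        if total > 1.0 + 1e-9:
            problems.append(f"variable {var}: weights sum to {total:g}, more than 1.0")
    return problems


def choose_copies(blocks, draws):
    """Indices of the blocks that receive a copy of one message.  draws maps
    each variable letter to one uniform number in [0, 1): blocks sharing a
    letter split that single draw, so they are mutually exclusive; different
    letters draw independently; a block with no variable always gets a copy."""
    chosen, used = [], {}
    for i, b in enumerate(blocks):
        if b["var"] is None:
            chosen.append(i)
            continue
        low = used.get(b["var"], 0.0)
        high = low + b["prob"]
        used[b["var"]] = high
        if low <= draws[b["var"]] < high:
            chosen.append(i)
    return chosen
```

For a live delivery decision, draw random.random() once per variable letter and pass that dict as draws.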
KEYRINGS AND PUBLIC KEYS

The most important thing to realize about the privacy of your messages is that anyone can determine your nym's PGP public key ID from looking at an encrypted message, and anyone can get the key IDs of your private keys from your private key ring without needing a passphrase. That means if you don't conventionally super-encrypt mail (with `Encrypt-Key:' headers), an observer on the network or at a remailer may be able to determine which public key corresponds to which nym, and use this to track messages.

If you redirect your mail to the news group alt.anonymous.messages without conventionally encrypting it, observers will be able to determine your nym's public key ID and observe how much mail you are getting. For this reason, you should conventionally encrypt your mail in addition to public-key encrypting it. If you only want to use conventional encryption for received mail, you can disable RSA encryption by sending signed/encrypted mail with 'Nym-Commands: -cryptrecv' to .

There is a large benefit to using public-key encryption, however. If you only use conventional encryption and your reply-block is compromised, previously recorded messages to you can be decrypted. With RSA-encrypted messages, there is no way for anyone but you to read your mail once it has left nym.alias.net.

With the `+signsend' option, nym.alias.net will sign all messages you send with its PGP key (adding a disclaimer at the end of the message). This is primarily to prevent simple mail forgery, which is rendered even simpler by the fact that the sendmail on nym.alias.net doesn't keep logs. If you care about the authenticity of messages sent through your nym, however, you should probably publish its PGP key, set the `-signsend' Nym-Command configuration option, and PGP-sign all your outgoing messages yourself. Be aware, however, that the identity of a key on your PGP private key ring is stored in cleartext (even though the key itself is protected by a passphrase).
Thus, if you publish your nym's public key, anyone who can gain access to your PGP secret keyring (or a backup tape containing it) will find out the identity of your nym, even if that person does not know your passphrase! For this rather unfortunate reason, you are faced with a tradeoff between authenticity and secrecy. One solution is to use software that keeps your nym's PGP keys on separate keyrings, and encrypts the entire keyrings. Premail is one software package that supports this. Send mail to or finger for more information on using premail with nym.alias.net.

REPLY BLOCKS POINTING TO NEWSGROUPS

Reply blocks offer you strong privacy by preventing any single remailer operator from finding out the identity of a pseudonym. Nonetheless, if an adversary manages to compromise all remailers in your reply block, he will learn your true identity. Moreover, a strongly enough motivated adversary could even operate several remailers himself, or eavesdrop on communication between remailers and analyze traffic patterns and message sizes to try to track you down. An essay describing some of the vulnerabilities of Type-1 remailers can be found at http://www.obscura.com/~loki/remailer/remailer-essay.html.

If you need the very highest level of security, you should completely dissociate your identity from your pseudonym's reply block. Do this by forwarding your nym mail to a newsgroup rather than to your own E-mail address. Of course, retrieving messages from a newsgroup will be considerably more difficult than simply receiving mail, particularly as nym client software does not currently support newsgroups. Moreover, you may lose mail if you don't check for news often enough, as most news servers expire articles after a few days to a week. If you do decide to forward your nym mail to a newsgroup, you should use alt.anonymous.messages, a group which exists precisely to carry reply messages to anonymous users.
To set up a reply block pointing to this group, you must change the innermost portion of the reply block. Recall that one begins a standard reply block like this:

    ::
    Anon-To: you@your.email.address
    Latent-Time: +0:00
    Encrypt-Key: passphrase_a

A reply block that posts to usenet should start like this:

    ::
    Anon-To: mail2news@anon.lcs.mit.edu
    Latent-Time: +0:00
    Encrypt-Key: passphrase_a

    ##
    Subject: some sort of subject line is required
    Newsgroups: alt.anonymous.messages

[The `##' marks tell remailers to paste headers into a mail message. The Newsgroups and Subject headers are required for news postings.]

The rest of the procedure for creating the reply block is identical.

Note that while sending your mail to a newsgroup makes it virtually impossible to track you down from your reply block, you should keep in mind that news servers usually log which newsgroups and how many articles you read. Thus, someone with a pretty good idea of who you are may actually have an easier time tracking you down if you use alt.anonymous.messages than if you don't. Much depends on the particulars of the news server you use.

YOUR MAIL TO NYM.ALIAS.NET

If you need high security you should also be careful with messages you send to , , and . Though nym.alias.net does not keep mail logs, the machine from which you send mail may very well do so. Moreover, you shouldn't be relying exclusively on nym.alias.net for your privacy. Even if the machine is secure, someone may be eavesdropping on its network traffic. Thus, avoid sending E-mail directly to the config and send addresses. Send your mail through anonymous remailers instead.

You can send mail to nym.alias.net through the same Type-1 remailers you use to create your reply blocks. However, a second, stronger category of remailers known as Type-2 or mixmaster remailers offers higher security. Type-2 remailers may be worth using, particularly if you have avoided trusting Type-1 remailers by pointing your reply block to a newsgroup.
More information about mixmaster remailers is available from http://www.obscura.com/~loki/. The mixmaster remailer (short name "lcs") is on the same machine as nym.alias.net. You might want to add it to the end of your mixmaster chain when sending mail to nym.alias.net, as this should increase security without hurting reliability. Note that the higher-security mixmaster message format prevents Type-2 remailers from working in reply blocks.

POLICY

Any use of this alias service to violate Massachusetts or US federal law is strictly prohibited. Additionally, you may not use this service for commercial or otherwise profit-generating purposes, as this would violate the acceptable use policy of the network on which nym.alias.net resides.

Do not rely on this nym server to protect your identity. You should be relying far more heavily on the integrity of the remailers through which you chain your replies. The nym.alias.net service is provided in the hope that it will be useful, but the administrators can make no guarantees whatsoever that your identity will not be compromised.

That said, we will make a reasonable effort to keep the machine secure and to prevent your reply block from being compromised. However, your reply block, PGP key, and nym configuration information will all be backed up to tape in encrypted form, and could potentially be retrievable by the administrators even after you delete your account.

The server also keeps (and backs up in encrypted form) two statistics about your nym: First, it counts the amount of mail your alias has received in the current 24 hour period, so as to detect flooding attacks and alias loops with exponential message explosion (see the description of the -disable Nym-Command for more info). Second, the server stores the date of the last day on which you sent a PGP-signed message to or .

Nym.alias.net will not accept any mail messages larger than 1 Megabyte.
In addition, your account will automatically be disabled if you send or receive more than about 10 Megabytes of mail in one day. Note, however, that this limit can be waived for individual aliases. If you wish to set up a middleman-style remailer, run an anonymous mailing list, or provide some other service to the community anonymously, you can contact pseudonymously to explain your intent and have the 10 Megabyte/day limit removed from your account.

In order to garbage-collect abandoned accounts or accounts with lost PGP keys, your nym will be deleted if you don't send any PGP-signed mail to or for a period of 120 days. You should receive several warning messages before this happens, however, as long as your reply-block is still valid. It is probably a good idea to update your reply-block every few months anyway, and simply doing this will guarantee that your nym never expires.

Nym.alias.net is the same machine as anon.lcs.mit.edu. Keep this in mind when choosing which remailers to chain through. (Using mix@anon.lcs.mit.edu as your last hop for mail to nym.alias.net is probably a good idea if and only if you also chain through one more hop than you would otherwise have felt comfortable with.)

PROBLEMS AND SOLUTIONS

Here are some common problems you may have run into if you can't get your alias to work properly. If these aren't your problems, you can seek additional help by posting to the newsgroup alt.privacy.anon-server.

If you believe you have found a bug in the server software (and you definitely may have), please send anonymous, pseudonymous, or regular E-mail to reporting the problem. When reporting a bug, include as detailed an account of the problem as possible. In addition, if the bug involves configuration requests or outgoing messages, please include in your bug report the entire PGP cyphertext of a or message demonstrating the bug. Investigating bugs often involves debugging server software with the particular message that caused the problem.
Therefore, if you submit a bug report from your real E-mail address rather than from a pseudonym, you should create a new throw-away nym on which to demonstrate the problem. Otherwise you may reveal your pseudonym to the administrators of nym.alias.net.

COMMON PROBLEMS

You can't create a pseudonym. You sent mail to , never got a reply, and when you send mail to or finger the name you wanted does not show up as used.

* You forgot to make the first line of your config message "Config:". Any message to which does not begin with a line "Config:" will be silently discarded.

* You did not encrypt your message to with the nym.alias.net public key, or you forgot to sign it with your private key. Only encrypted messages are read by , and even your initial creation request must be signed by the public key you include in the configuration message.

* You clearsigned the configuration message after encrypting it, instead of encrypting and signing at the same time. You must encrypt and sign configuration messages in one pass, using the command:

    pgp -seat message config@nym.alias.net -u "nym key ID"

  This should produce a message with the first line:

    -----BEGIN PGP MESSAGE-----

  If instead you run `pgp -eat ...', followed by `pgp -sat ...', you will get something like this:

    -----BEGIN PGP SIGNED MESSAGE-----

    - -----BEGIN PGP MESSAGE-----
    Version: 2.6.2

    OGsHpQ/TxpazBCVhdBmPblj5wWvwfG1+ZKpIkQ5hiLJhryQM/TUDarEscs3zdaYA

  The nym server cannot decode such configuration messages. They will be bounced.

* You forgot the -t option to PGP. When the nym server decrypts messages, it expects all lines to end LF. If you use an operating system which ends lines CR LF and you don't use the -t flag to PGP, your messages will contain unwanted CR characters which will pose problems when parsing the message headers.

* Are the date and time correct on your computer? Nym.alias.net uses the timestamps in PGP signatures to help detect replay attacks on config and send messages.
  However, if the date on your computer is off by more than a few days, messages you send to config@nym.alias.net may be silently discarded.

You created an alias on nym.alias.net, but never received a reply from the server. However, when you send mail to or finger , the nym appears to have been created. When you send mail to your pseudonym, however, it bounces with the message "Account disabled."

* Whenever you set a new reply block, you may be required to confirm the validity of the new reply block before it gets put into use. Instructions on how to confirm a new reply block are always mailed out via that reply block, so that if your new reply block does not work properly you will be unable to confirm it. If you are creating a new account and thus don't have an existing reply block, any mail to your pseudonym will bounce. If you never received a confirmation for your creation request and mail to that pseudonym bounces, you probably have an invalid reply block. To fix this, just submit a new reply block, using a message like the following, signed/encrypted with `pgp -seat' and sent to . (You don't need to supply a Public-Key or Nym-Commands section, as these will already have been processed in your initial message.)

    Config:
    From: yournym
    Reply-Block:
    ::
    Anon-To: remailer@utopia.hacktic.nl
    Latent-Time: +0:00
    Encrypt-Key: passphrase_b

    ::
    Encrypted: PGP

    -----BEGIN PGP MESSAGE-----
    Version: 2.6.2

    hIwC/nqSW1QDQfUBBACknZMV93wFS2CH0orlgslmEm+alhjI1eKwbbTTmeRWC5Rg
    /S3vZw+95ZuCZfqxKE0XrgZXzOEwfoyBcpVvf9Pb9D19TqEMTmmL/Jpl1xcxmbJ2
    OGsHpQ/TxpazBCVhdBmPblj5wWvwfG1+ZKpIkQ5hiLJhryQM/TUDarEscs3zdaYA
    AAB5231aMcQ74AKoDZizABMF3Tw+olV4mm4jVo9cMn2B3Rj2XBFl4pV9VL3h0ZQB
    cPY/ytBRyZPugr0NpLgjO+q6mEjCcgQrxpYQ+1PvFPdDx1GmJ5ogZqW+AVHsNqAp
    vRoiG8ZhXs4r3E8liFsNtMMf6CUAsdV2ZoX1Hw==
    =Bla3
    -----END PGP MESSAGE-----

    **

* See the next section for ideas on what may have gone wrong with your reply block.

You can't receive mail. You think you created an alias. Mailing even shows your alias name got created.
Maybe you can even send mail from your alias. However, any time you send mail to your alias you never receive anything.

* Could you have a bad reply block? Try testing your reply block by mailing a short message with it to .

* Could you have forgotten the '**' (encrypt below) marks? Type-1 remailers require '**' marks to determine where conventional encryption should begin. If you omit the '**' marks, unpredictable behavior may result. Note that remailers leave the '**' marks themselves intact and only encrypt stuff below those marks. Thus, adding '**' only once in the final reply block will seem to work. However, this significantly weakens the security of your reply block, as anyone seeing your message go by can send one without the '**' and do traffic analysis much more easily on it. Encrypt the '**' and add a new one after each PGP encryption.

* Did you remember to add

    ::
    Encrypted: PGP

  followed by a blank line before every PGP message in your reply block? Remailers won't decrypt PGP messages if the cyphertext is not preceded by this.

* Could you have forgotten a blank line between some '::' and '##' headers, or between a PGP reply-block and the next '**'? That might cause problems with some remailers.

* Could you have inserted a whitespace character in a '::' header line (for instance ':: ')? Some remailers are very fussy about this and refuse to forward such messages.

You receive mail, but it is not properly encrypted or the passphrases you chose do not work.

* Did you remember the '**' line?

* Does your passphrase contain a space character? If so, it may be that only the first word is being used to encrypt your mail. Try decrypting your mail with the first word of your passphrase. If it works, then the remailer you are using requires double quotes around multi-word passphrases, like this:

    Encrypt-Key: "multi word passphrase"

  It might be safest not to use spaces in your conventional encryption keys, but to use another character for separating words.
* Are you giving an `Encrypt-Key:' header to a remailer that does not support this functionality? Look for the ek property of remailers on http://www.cs.berkeley.edu/~raph/remailer-list.html. Those remailers without that property will not be able to encrypt mail using `pgp -c'.

You have established a pseudonym. You can send mail. When you receive mail, however, the '**' and `-----BEGIN PGP MESSAGE-----' lines are chopped off the beginning of the mail you receive.

* This can happen when one of the remailers in your chain interprets the '**' or `-----BEGIN PGP MESSAGE-----' lines as malformed message headers and discards them. To fix this, put a blank line before every '**', '::' (except the first), and `-----BEGIN PGP MESSAGE-----' line as you are creating your reply block.

* It has been reported that this also happens if you have too many blank lines in your reply block. Therefore, make sure you have one and only one blank line in each appropriate place. At each stage of creating the reply block, it should look roughly like this:

    ::
    Anon-To: remailer@utopia.hacktic.nl

    ::
    Encrypted: PGP

    -----BEGIN PGP MESSAGE-----
    ...

  There is exactly one blank line before the second '::', and exactly one blank line before the `-----BEGIN PGP MESSAGE-----'.

You have been using nym.alias.net for a while without problems. Then, suddenly, one of your pseudonyms stops working.

* It is possible that nym.alias.net is down. To determine whether this is in fact the case, visit http://www.cs.berkeley.edu/~raph/remailer-list.html. Check the uptime statistics for the "nym" remailer. If "nym" is up, then nym.alias.net is working fine and not causing your problems. Do not send mail to saying nym.alias.net is down if the remailer list shows it is not down.

* More likely, one of the remailers in your reply block is down (you can find this out from the remailer-list, too).
  If this is the case, you must submit a new reply block as described in the section on "CHANGING OR DELETING YOUR MAIL ALIAS".

You created an alias on nym.alias.net, but then lost your pseudonym's PGP key. You would like to delete your old alias so that you can re-create it with a new PGP key.

* Try at all costs to avoid losing your nym's PGP key. If you lose it, you will need to wait 120 days for your account to expire. There is nothing else you can do. Nym.alias.net is designed for people who need high-grade privacy. While you may not need as much privacy as some, the administrators must respect the secrecy of sensitive accounts by refusing to perform any unauthenticated deletion or modification requests. If for some emergency reason you really need the administrators of nym.alias.net to do something to your account, you can send them a request if you clearsign it with your nym's PGP key.

CLIENT SOFTWARE SUMMARY

* Premail (for unix) is available at ftp://utopia.hacktic.nl/pub/replay/pub/remailer/premail.

* Potato (for DOS/Windows) is available from http://www.bigfoot.com/~potatoware.

* EasyNym (for DOS/Windows) is available from http://home.clara.net/j.davies/easynym/.

* Private IDAHO (for DOS/Windows) is available from http://www.eskimo.com/~joelm/pi.html. A newer version (recommended) is available from http://home.sn.no/~balchen/igloo/pidaho/.

FINGER ADDRESSES

remailer-key@nym.alias.net
    Get the PGP public key for nym.alias.net.

help@nym.alias.net
    A copy of this help file.

premail-info@nym.alias.net
    Information on using nym.alias.net through premail--a tool which integrates remailers with most unix mail programs.

list@nym.alias.net
    A list of all taken pseudonyms.

E-MAIL ADDRESSES

admin@nym.alias.net
    The address to contact if you are having problems with nym.alias.net. Please DO NOT encrypt messages to this address with the / PGP key. This key is only for use by the nym server and is not on any person's keyring.
    If you wish to encrypt mail for an administrator of nym.alias.net, use the PGP key for , available by fingering that address.

help@nym.alias.net
    Sending mail to this address gets you a copy of this help file.

remailer-key@nym.alias.net
    Get the PGP public key for nym.alias.net.

list@nym.alias.net
    Send mail here to get a list of all taken pseudonyms.

config@nym.alias.net
    The address to which to send configuration messages. All messages to this address must be PGP encrypted and signed with "pgp -seat". In addition, THE FIRST LINE OF PGP-SIGNED TEXT IN A MESSAGE TO config MUST BE `Config:'. Otherwise your message will be completely ignored. When sending one or more reply-blocks to , they must come at the end of the message after any `Public-Key:' or `Nym-Command:' headers.

send@nym.alias.net
    To send mail from your alias address, PGP encrypt and sign the message with "pgp -seat", and mail it to this address.

source@nym.alias.net
    The address to contact for source to the nym server.

> From freebsd-doc@freebsd.org Tue Apr 12 06:39:27 2005
> Message-ID: <20050412063927.20866.qmail@nym.alias.net>
> MBOX-Line: From freebsd-doc@freebsd.org Tue Apr 12 2005 02:39:16
> Received: from 212.112.114.106 (212.112.114.106) (HELO nym.alias.net)
>   by nym.alias.net with SMTP;
>   for help@nym.alias.net;
>   Tue, 12 Apr 2005 02:39:16 -0400 (EDT)
>   (envelope-from freebsd-doc@freebsd.org)
> SPF-Received: softfail; receiver=nym.alias.net; client-ip=212.112.114.106;
>   envelope-from=; helo=nym.alias.net;
>   mechanism=~all
> From: freebsd-doc@freebsd.org
> To: help@nym.alias.net
> Subject: Document
> Date: Tue, 12 Apr 2005 12:39:05 +0500
> MIME-Version: 1.0
> Content-Type: multipart/mixed;
>   boundary="----=_NextPart_000_0003_000052E8.00006264"
> X-Priority: 1
> X-MSMail-Priority: High
>