LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for February 9, 2012

XBMC 11 "Eden"

LWN.net Weekly Edition for February 2, 2012

A tempest in a toybox

LWN.net Weekly Edition for January 26, 2012

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Anonymous e-mail?

Anonymous e-mail?

Posted Dec 18, 2003 14:53 UTC (Thu) by tonnesen (guest, #3589)
In reply to: Anonymous e-mail? by lovelace
Parent article: Spam-proofing the mail system

Any of these proposals would limit the possibility of sending anonymous e-mails. What would we lose if, say, the domain keys proposal was limited? A whistle blower couldn't send an e-mail to a newspaper without worrying that he could be identified later? I'm sure there are many other instances where anonymous e-mail is desirable. How is anonymous e-mailing done now? You can't just forge the sender. The originating IP address will still show in the headers and be traceable.

Should anonymous e-mailing be a pay-as-you-go system? You can send mail from your account at wekeepyouhidden.com which you pay $20/month for.

What about the "free" e-mail systems like hotmail, yahoomail, etc. They'll presumably get domain keys, and continue allowing spamers to send spam through them. What percentage of current spam is sent through these systems now? They wouldn't solve the anonymity problem because, as far as I know, they all attach the originating IP address to the messages they send.

Should anonymous e-mailing be a pay-as-you-go system? You can send mail from your account at wekeepyouhidden.com which you pay $20/month for. My gut tells me this is the only way to get true anonymity now (short of cracking computers and sending from there, but I can't exactly endorse breaking the law as a solution).

My feeling is that blacklists like SpamCop et al would be significantly more effective under the domain keys proposal. Blacklist systems could easily link all messages from one domain together and aggregate the complaints they receive about that domain.

(Log in to post comments)

Anonymous e-mail?

Posted Dec 18, 2003 18:06 UTC (Thu) by iabervon (subscriber, #722) [Link]

Anonymous email would still be possible under the SPF system, at least,
by simply permitting mail from hosts that don't claim to be anyone in
particular. Such email wouldn't be verified at all, since it didn't claim
to be anything in particular. Most people would just throw it away, but
anonymous tip lines wouldn't (since they wouldn't get anything else,
obviously), and spammers wouldn't tend to spam such addresses anyway (do
spammers really want to reach investigative reporters at their work?).

Furthermore, if people are actually using an anonymizing network, the
email will come out with a perfectly valid and legitimate address which
simply can't be tracked back to the sender, and is authenticated as being
an anonymous message from this remailer. These systems are generally
pseudonymous, in any case, so that the original sender can send
additional messages authentically, and these systems would merely
authenticate the pseudonym. Again, this mail would be filtered by most
people, but would get through to people who intend to pick up anonymous
tips.

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds