Introduction to anonymous remailers

Anonymous remailers provide a way to communicate by e-mail in complete anonymity. Strong encryption and a chain of cooperating remailers protects the message. Remailers can be used for good or bad purposes.

Anonymity of e-mail

The headers in a normal E-mail message allow the recipient to determine who sent the message. Even if you configure your mail client to send mail with a different "From" field, there are still enough traces to identify the sending host. Your system administrator can then find out your name quite easily.

Anonymity using remailers

The use of a remailer allows complete anonymity. The recipient can only trace the message back to the remailer, but no further. And the remailer does not keep logs, so there is no way to find out who sent the message.

Remailer logfiles

Of course, if the remailer does keep logs, the operator can easily find out who has been using his service to send mail, and to whom the mail went. To avoid this danger, you can chain remailers -- your message goes to the first remailer, who sends it to the second one, who sends it to the third one, and so on until finally the last one sends it to the real recipient. Now, none of the remailer operators can know both the real sender and the real recipient.

Protecting the remailed message

There's another catch here. E-mail is normally sent in plain text, so the first remailer's operator can read the mail message and see all the instructions for the other remailers. There will also be an instruction here with the address of the final recipient. To avoid this, you can encrypt the message and instructions. Each remailer will only be able to decrypt its own instructions, and it will send the rest to the next remailer.

To do this, a program such as the popular PGP package is used. It works with public key cryptography, which means that you can safely publish the encryption key. Everyone can use that key to encrypt messages to you, but it is impossible to decrypt the message with that key. Only the owner of the secret key can do so. Each remailer has a public key available, which can be downloaded and used to encrypt the instructions securely.

Why use a remailer?

A remailer is useful whenever you need to send something without having your real name and address on it. There are many legitimate uses for this. It can be as simple as wanting to avoid people who extract all E-mail addresses from Usenet to send junk mail to. In a business, an employee who wants to publish a bug in a product or bad working conditions can do it anonymously to avoid getting fired. With a remailer you can participate in Usenet discussions on sensitive topics, such as homosexuality or a religion or political view that is illegal in your country.

This has become very popular now that search engines like Google are indexing all Usenet newsgroups. They allow anyone to search for keywords in newsgroup articles, and such a keyword can be your name or E-mail address. This is a very fast way to see where you are posting and what you are interested in. Do you really want your boss to know you are a frequent contributor to alt.sex.fetish.hamsters.duct-tape?

In countries where freedom of speech is not seen as a Constitutional right, but rather as an annoyance to the government, using a remailer to express your opinion is necessary to avoid a visit from the secret police.

Remailer abuse

What exactly qualifies as abuse is hard to say. It depends on your point of view on the matter. An employee may see posting an anonymous accusation as legitimate, but the company probably has a different view on that. Criticizing a government can be freedom of speech to the critic, but government-undermining activities to the police. There really aren't any objective criteria to classify abuse. Perhaps the only one is "anything that harms the server itself."

Slandering and mailbombing

Since remailers allow complete anonymity for the sender, it's no surprise they are also used by people who want to avoid the consequences of their actions. A popular form of abuse is anonymous mailbombing of someone you disagree with, or to post slanderous messages in a public forum.

File distribution using remailers

Binaries are another big problem. It is possible to send binary files through a remailer (although there are often restrictions on message size, you can send many messages to circumvent that problem). This has made remailers very popular with people who distribute illegally copied commercial software. Pornography is another obvious reason. Especially when dealing with hardcore pornography, or child porn (what the Internet is most famous about), remailers are often used to avoid getting caught.

Responsible use

There are legitimate reasons for using a remailer, but also many ways to abuse them. If a remailer causes too much problems to the operator, the ISP or the country's government, it will be taken down. It is therefore necessary that users of remailers use them wisely and responsibly. As the operator of anon.penet.fi put it:

There are people who need this service. Please don't spoil it for them by abusing the service. Use it responsibly and only when needed.