Using mixmaster to send anonymous email
Posted by JacobAppelbaum on Sat 30 Dec 2006 at 16:52
This is a document that explains how to install mixmaster and how to use it to send email, in an anonymous and secure fashion.
Mixmaster is described by the debian package system as:
Mixmaster is the reference implementation of the type II remailer protocol which is also called Mixmaster.
An anonymous remailer is a computer service that privatizes your email. A remailer allows you to send electronic mail to a Usenet news group or to a person without the recipient knowing your name or your email address. Anonymous remailers provide protection against traffic analysis.
This package provides both a client and an optional server installation.
First we'll install the mixmaster package:
root@nsa:~# apt-get install mixmaster Reading Package Lists... Done Building Dependency Tree... Done The following extra packages will be installed: libhtml-parser-perl libhtml-tagset-perl libhtml-tree-perl libmailtools-perl Suggested packages: libmail-audit-perl libio-socket-ssl-perl mutt Recommended packages: libhtml-format-perl libcompress-zlib-perl postfix mail-transport-agent The following NEW packages will be installed: libhtml-parser-perl libhtml-tagset-perl libhtml-tree-perl libmailtools-perl libtimedate-perl liburi-perl libwww-perl mixmaster 0 upgraded, 8 newly installed, 0 to remove and 0 not upgraded. Need to get 1124kB of archives. After unpacking 3609kB of additional disk space will be used. Do you want to continue? [Y/n] y Get:1 http://mirror.bytemark.co.uk sarge/main libhtml-tagset-perl 3.04-1 [13.1kB] Get:2 http://mirror.bytemark.co.uk sarge/main libhtml-parser-perl 3.45-2 [103kB] Get:3 http://mirror.bytemark.co.uk sarge/main liburi-perl 1.35-1 [87.8kB] Get:4 http://mirror.bytemark.co.uk sarge/main libwww-perl 5.803-4 [358kB] Get:5 http://mirror.bytemark.co.uk sarge/main libhtml-tree-perl 3.18-1 [208kB] Get:6 http://mirror.bytemark.co.uk sarge/main libtimedate-perl 1.1600-4 [32.8kB] Get:7 http://mirror.bytemark.co.uk sarge/main libmailtools-perl 1.62-1 [82.5kB] Get:8 http://mirror.bytemark.co.uk sarge/main mixmaster 3.0b2-1 [239kB] Fetched 1124kB in 0s (2607kB/s) Preconfiguring packages ...At this point you'll be prompted to configure mixmaster for updating remailer keyrings and reliability statistics. Unless you want to do this by hand, I suggest selecting the permenent option. Next you'll be prompted to select a pinger. A pinger is a program that collects the aformentioned keys and availability statistics. When prompted where to download statistics from I suggest using the noreply node. You will then be prompted to update the reliability statistics, select Yes. At this point the install will finish:
Selecting previously deselected package libhtml-tagset-perl. (Reading database ... 10885 files and directories currently installed.) Unpacking libhtml-tagset-perl (from .../libhtml-tagset-perl_3.04-1_all.deb) ... Selecting previously deselected package libhtml-parser-perl. Unpacking libhtml-parser-perl (from .../libhtml-parser-perl_3.45-2_i386.deb) ... Selecting previously deselected package liburi-perl. Unpacking liburi-perl (from .../liburi-perl_1.35-1_all.deb) ... Selecting previously deselected package libwww-perl. Unpacking libwww-perl (from .../libwww-perl_5.803-4_all.deb) ... Selecting previously deselected package libhtml-tree-perl. Unpacking libhtml-tree-perl (from .../libhtml-tree-perl_3.18-1_all.deb) ... Selecting previously deselected package libtimedate-perl. Unpacking libtimedate-perl (from .../libtimedate-perl_1.1600-4_all.deb) ... Selecting previously deselected package libmailtools-perl. Unpacking libmailtools-perl (from .../libmailtools-perl_1.62-1_all.deb) ... Selecting previously deselected package mixmaster. Unpacking mixmaster (from .../mixmaster_3.0b2-1_i386.deb) ... Setting up libhtml-tagset-perl (3.04-1) ... Setting up libhtml-parser-perl (3.45-2) ... Setting up liburi-perl (1.35-1) ... Setting up libtimedate-perl (1.1600-4) ... Setting up libmailtools-perl (1.62-1) ... Setting up libhtml-tree-perl (3.18-1) ... Setting up libwww-perl (5.803-4) ... Setting up mixmaster (3.0b2-1) ... Adding mixmaster user Adding system user `mixmaster'... Adding new group `mixmaster' (105). Adding new user `mixmaster' (105) with group `mixmaster'. Creating home directory `/var/lib/mixmaster'. Not starting Mixmaster Daemon: remailer mode not enabled in /etc/mixmaster/remailer.conf.You're now ready to use mixmaster as a client without further configuration. Intially I suggest using mixmaster one of two ways. First lets investigate sending a message with the ncurses gui. Execute mixmaster without any arguments:
ioerror@nsa:~$ mixmasterIt should look something like this:
Mixmaster 3.0b2
0 outgoing messages in the pool.
m)ail
p)ost to Usenet
r)ead mail (or news article)
d)ummy message
s)end messages from pool
e)dit configuration file
q)uit
Notice: Creating directory /home/ioerror/.Mix.
The menus are simple. Merely press the first letter of whichever command you want to execute. Let's put a dummy message into the pool by pressing d. Dummy messages provide protection against traffic analysis. You should see something similar to the following but with a different chain:
Mixmaster 3.0b2
1 outgoing message in the pool.
m)ail
p)ost to Usenet
r)ead mail (or news article)
d)ummy message
s)end messages from pool
e)dit configuration file
q)uit
Chain: metacolo,borked,pboxmix,hastio
Select m to send email. You will be prompted to enter an email address and a subject:
Send message to: root@example.com Subject: Testing nsa mixAt this point you'll be brought to a screen that allows you to edit, encrypt, send, add a file and a myriad of other options. I suggest editing the message by pressing e. This will drop you into your default editor and you may now compose your message. When you're finished, you'll be returned to the main screen:
Mixmaster 3.0b2 - sending mail c)hain: *,*,*,* (reliability: n/a ) r)edundancy: 1 copies d)estination: root@example.com s)ubject: Testing nsa mix pgp encry)ption: no m)ail message e)dit message f)ile q)uit w/o sendingAt this point you can simply mail the message. It's also possible to select the chain of remailers or to increase redundancy by sending multiple copies. As an example, you can push c and you'll be given a list of nodes to route messages through:
Select remailer chain: a austria ************ 100.00% r 4096 **+********* 99.87% b banana *********+** 100.00% s cthulu ************ 99.57% c borked ************ 100.00% t dingo **+*****+*** 99.49% d cyberiad ************ 100.00% u daat ++++++++++ 99.46% e deuxpi **********+* 100.00% v kroken *+*****+*+++ 99.42% f dizum *+-********* 100.00% w bikikii +++-++++-+++ 99.35% g george ************ 100.00% x frell ----+----++- 99.37% h metacolo **#********* 100.00% y hastio -.-.-__...-- 99.24% i paranoia ************ 100.00% z antani ++++++++++++ 98.15% j pboxmix **********+* 100.00% A runaway *+**+***++*- 96.52% k randseed +********* 100.00% B citrus ---+++++++++ 92.51% l zerofree **#**####*** 100.00% C starwars -+++++++++++ 72.39% m anon ++++++++++++ 100.00% D vger *++**+****+* 60.42% n bird +*+*+**+++** 100.00% E bunker -+-++-++++-+ 37.79% o cside ++*++++++*++ 100.00% F tonga ---++_--+.-+ 37.07% p panta ++++++++++++ 100.00% q cripto *-**__.-**** 99.88% * select at random (reliability: n/a ) Chain:To select the chain, select the first letter preceeding the node you want to route through. With six nodes selected you should see something similar to:
* select at random (reliability: 100.00%) Chain: austria,anon,metacolo,bird,borked,randseedIf you were to select *, you'd notice the reliability change dramatically:
(reliability: n/a )At this point you can return to the previous screen, it should look something like this:
Mixmaster 3.0b2 - sending mail c)hain: austria,anon,metacolo,bird,borked,randseed (reliability: 100.00%) r)edundancy: 1 copies d)estination: root@example.com s)ubject: Testing nsa mix pgp encry)ption: no m)ail message e)dit message f)ile q)uit w/o sendingYou can mail the message, add a file, edit the messsage, send more copies, edit any of the other fields or quit to the main menu. I've decided to return to the main menu and fill the pool with dummy messages:
Mixmaster 3.0b2
3 outgoing messages in the pool.
m)ail
p)ost to Usenet
r)ead mail (or news article)
d)ummy message
s)end messages from pool
e)dit configuration file
q)uit
Chain: bikikii,dizum,kroken,paranoia
And finally I'll flush the pool and send them:
Mixmaster 3.0b2
0 outgoing messages in the pool.
m)ail
p)ost to Usenet
r)ead mail (or news article)
d)ummy message
s)end messages from pool
e)dit configuration file
q)uit
Done.
Assuming that you'd like to send a message from your shell and not deal with ncurses you could also run the following commands:
cat << 'EOF' > /tmp/mixmaster Hi. This is the contents of my message. This has been a test of mixmaster on the commandline. EOFAnd then send that file twice with a dummy message:
ioerror@nsa:~$ mixmaster -v --to=root@example.com --subject="Using mixmaster from the commandline" \ --copies=2 -d /tmp/mixmaaster Mixmaster 3.0b2 Chain: bird,paranoia,cripto,cside borked,antani,metacolo,csideAfter a few days, I received one of my test messages. Here's the full message with headers included:
Return-Path: hastiobounce@gmail.com
Delivered-To: root@example.com
Received: (qmail 18658 invoked by uid 89); 25 Dec 2006 17:07:12 -0000
Received: from unknown (HELO CuartoMenguante.hastio.org) (84.77.180.176)
by 0 with SMTP; 25 Dec 2006 17:07:12 -0000
Received-SPF: neutral (0: 84.77.180.176 is neither permitted nor denied by SPF record at _spf.google.com)
Received: from Spooler by CuartoMenguante.hastio.org (Mercury/32 v4.01b) ID MO00767E;
25 Dec 2006 18:06:36 +0100
Received: from spooler by hastio.org (Mercury/32 v4.01b); 24 Dec 2006 10:19:59 +0100
Received: from cuartomenguante (127.0.0.1) by hastio.org (Mercury/32 v4.01b) ID MG00762D;
24 Dec 2006 10:17:09 +0100
To: root@example.com
From: anonymous@remailer.hastio.org
Date: 24 Dec 2006 09:17:09 -0000
Message-ID: fmxy1nq739075.4285763889@anonymous.poster
Subject: Testing mixer from gui
Comments: This message did not originate from the above address. It was
automatically remailed by one or more anonymous mail services.
This service is free. Please report problems or inappropriate use
to the address below.
X-Remailer-Contact: http://remailer.hastio.org
X-CC-Diagnostic:
Test test
As you become more comfortable with using Mixmaster you may want to investigate it's integration with the popular mutt mail client.
You might also be interested in running a Mixmaster server yourself. Visit the Mixmaster Source Forge page for more information on Mixmaster and on related anonymous remailer software.
Try using this: http://www.mutt.org/doc/manual/manual-2.html
[ Parent | Reply to this comment ]
It's varsity holiday at the moment (stating the obvious...), so the rucus sysadmins are away, and their main gateway box has been giving them some trouble of late... I'll see if I can find someone to prod and get it up again.
Laters.
Laters.
[ Parent | Reply to this comment ]
Posted by Anonymous (59.176.xx.xx) on Sun 31 Dec 2006 at 06:43
Do you have true anonymity with mixmaster?
If you do, then you have can spam to your heart's content.
If you don't, then mixmaster is pointless.
Someone care to explain this or point me to where I can find out about how this problem is handled? I haven't been able to figure this one out.
PJ
If you do, then you have can spam to your heart's content.
If you don't, then mixmaster is pointless.
Someone care to explain this or point me to where I can find out about how this problem is handled? I haven't been able to figure this one out.
PJ
[ Parent | Reply to this comment ]
Posted by Anonymous (71.212.xx.xx) on Sun 31 Dec 2006 at 14:56
Yes you have true anonymity. However its still not good for spam because Mixmaster (type 2) and Cypherpunk (type 1) remailers both support an abuse@host email address that will block all future emails being sent to your email account.
So it would only work until people got bothered enough by the spam to block it.
How to use a Cypherpunk Remailer at: http://feraga.com/node/73
So it would only work until people got bothered enough by the spam to block it.
How to use a Cypherpunk Remailer at: http://feraga.com/node/73
[ Parent | Reply to this comment ]
This is a text i found on the net a while back, since then the archive-servers has vanished, so I scanned(210K tif-image) the hardcopy I have on my board. Below is a slightly edited ocr of the image.
Might be of interest to anyone considering using Mixmaster-system for anything useful:
Cypherpunks archive-96.02.29-96.03.06: List of reliable remailers List of reliable remailers Anonymous Remail Service (nobody@vegas.gateway.com) Sun, 3 Mar 199609:18:03-0500 ( Messages sorted by: [date][ threa4][ subject][ author] ( Next message: Adam Shostack: "Re: NYT on Crypto Bills" ( Previous message: Raph Levien: "List of reliable remailers" ( Next in thread: Black Unicorn: "Re: your mail" Thought that this was worth reposting: >1 attended last weeks "Information, National Policies; and International >Infrastructure" Symposium at Harvard Law School, organized by the Global >Information Infrastructure Commission, the Kennedy School and the >Institute for Information Technology Law & Policy of Harvard Law School. >During the presentation by Paul Strassmann, National Defense University >and William Marlow, Science Applications International Corporation, >entitled 'Anonymous Remailers as Risk-Free International Infoterrorists" >the questions was raised from audience (Professor Chaarles Nesson, >Harvard LAw School) - in a rather extended debate - whether the CIA and >similar government agencies are involved in running anonymous remailers >as this would be a perfect target to scan possibly illegal messages. >Both presenters explicitly acknowledged that a number of anonymous >remailers in the US are run by government agencies scanning traffic. >Marlow said that the government runs at least a dozen remailers and that >the most popular remailers in France and Germany are run by the >respective government agencies in these countries In addition they >mentioned that the NSA has successfully developed Systems to break >encrypted messages below 1000 bit of key length and strongly suggested >to use at least 1024 bit keys. They said that they themselves use 1024 >bit keys. >J ask Marlos afterwards if these comments were off or on record, he >paused then said that he can be quoted. >So I thought I pass that on. ft seems interesting enough, don 't you > think? >Best > Viktor Mayer-Schoenberger >Information Law Project >Austrian Institute for Legal Policy Groundfog@alpha.c2.org ( Next message: Adam Shostack: "Re: NYT on Crypto Bills" ( Previous message: Raph Levien: "List of reliable remailers" ( Next in thread: Black Unicorn: "Re: your mail" I of 1 05.09.96 01:58
[ Parent | Reply to this comment ]
Posted by Anonymous (64.53.xx.xx) on Wed 17 Jan 2007 at 15:27
Funny, I'm using the same version in testing and on the screen after "At this point you can return to the previous screen, it should look something like this:"
I have no "m)ail message" option. The others are present.
I have no "m)ail message" option. The others are present.
[ Parent | Reply to this comment ]
Posted by Anonymous (64.53.xx.xx) on Wed 17 Jan 2007 at 15:42
ok it was b/c the message had no body. now that i have the m option it doesn't work.
[ Parent | Reply to this comment ]
Posted by Anonymous (141.157.xx.xx) on Wed 28 Nov 2007 at 08:26
Not Found
The requested URL /docs/mutt/manual19.html was not found on this server.
Apache/2.2.4 (Ubuntu) PHP/5.2.3-1ubuntu6 Server at rucus.ru.ac.za Port 80
The requested URL /docs/mutt/manual19.html was not found on this server.
Apache/2.2.4 (Ubuntu) PHP/5.2.3-1ubuntu6 Server at rucus.ru.ac.za Port 80
[ Parent | Reply to this comment ]
Posted by Anonymous (58.68.xx.xx) on Thu 26 Jun 2008 at 10:32
god bless you
[ Parent | Reply to this comment ]
Posted by Anonymous (68.122.xx.xx) on Tue 7 Apr 2009 at 07:58
Hrmmmm. I am stuck on how to return to the menu screen once I "edit" the message. How do I tell mixmaster that I am done "editing" the email?
[ Parent | Reply to this comment ]
Posted by Anonymous (79.43.xx.xx) on Tue 30 Jun 2009 at 17:56
Noauth debian powered Anonymous Remailer at < anon(AT)remailer<dot>gabrix<dot>ath<dot>cx > you can get usefull infos by sending an email to the above address and adding the following in the email subject:
* Subject: remailer-help - Instructions on how to use the remailer.
* Subject: remailer-conf - Current configuration of the remailer.
* Subject: remailer-key - Current Mixmaster key for the remailer.
* Subject: remailer-adminkey - Hourly/Daily statistics of the type/number of messages that pass through the remailer.
* Subject: remailer-stats - - Remailer daily stats.
* Subject: remailer-help - Instructions on how to use the remailer.
* Subject: remailer-conf - Current configuration of the remailer.
* Subject: remailer-key - Current Mixmaster key for the remailer.
* Subject: remailer-adminkey - Hourly/Daily statistics of the type/number of messages that pass through the remailer.
* Subject: remailer-stats - - Remailer daily stats.
[ Parent | Reply to this comment ]
[ Send Message ]
[ Parent | Reply to this comment ]