Nym servers, Gnus, and GPG, oh my!

Nym servers, Gnus, and GPG, oh my!

[Kirk Strauser]

I've been using Mailcrypt with Gnus v5.9.0, and it works more-or-less OK.
I'd like to do more, though, and I'm not sure in Mailcrypt is going to be
able to help me:

  - I want to use anonymous pseudonym/alias servers, like nym.alias.net.
    Despite what the docs say, Mailcrypt doesn't seem to support this too
    well.

  - Some entities, such as most of the anonymous remailers, seem to require
    PGP2.x instead of GnuPG.  My friends, however, tend to use GnuPG instead
    of PGP.  I haven't figured out a way to get Mailcrypt to use GPG some of
    the time, and PGP for other things.

  - I'd like for Gnus+Mailcrypt to mark signed or encrypted emails in the
    Summary buffer, but once again, I haven't figured this out.  At current,
    I don't know if an email's signed unless I attempt to verify the
    signature on it, which is a bit unwieldy for large numbers of emails.

Has anyone else used Gnus with anonymous remailers / nymserver?
-- 
Kirk Strauser
The Strauser Group - http://www.strausergroup.com/

Re: Nym servers, Gnus, and GPG, oh my!

[ignotus-dated-1027693252.79d5d2]

>>>>> Kirk Strauser wrote:


> I've been using Mailcrypt with Gnus v5.9.0, and it works more-or-less
> OK.  I'd like to do more, though, and I'm not sure in Mailcrypt is
> going to be able to help me:

>   - I want to use anonymous pseudonym/alias servers, like nym.alias.net.
>     Despite what the docs say, Mailcrypt doesn't seem to support this
>     too well.

Yes, Mailcrypt doesn't support newnyms (like nym.alias.net) at all, just
the weird old style pseudoanonym stuff.  Note that Mailcrypt has
excellent support for standard Type I and II remailers.

>   - Some entities, such as most of the anonymous remailers, seem to
>     require PGP2.x instead of GnuPG.  My friends, however, tend to use
>     GnuPG instead of PGP.  I haven't figured out a way to get
>     Mailcrypt to use GPG some of the time, and PGP for other things.

You can force GnuPG into PGP2.x compatible mode (it's in the docs), but
I wouldn't advise you to do it (you would lose all the security benefits
of GnuPG).  What's more, I even find this situation comfortable, because
I can use PGP2.6.3 for all my nym / remailer related work, and use GnuPG
for anything else (this way it's much harder to accidentally sign a
message with a wrong key, which may compromise your anonymous identity).
So you can encrypt a mail with GnuPG for your friend then send it thru a
chain of remailers using PGP2.6 encryption (it's not too hard to write a
little function which changes between PGP2.6/GnuPG accordingly).  And
your GnuPG keyring will not get cluttered by remailer/nymserver
keys... :-)

>   - I'd like for Gnus+Mailcrypt to mark signed or encrypted emails in the
>     Summary buffer, but once again, I haven't figured this out.  At
>     current, I don't know if an email's signed unless I attempt to
>     verify the signature on it, which is a bit unwieldy for large
>     numbers of emails.

> Has anyone else used Gnus with anonymous remailers / nymserver?

I've been using nyms / remailers actively for some time now, and I can
say it's really convenient if you write some lisp code. :-)

I have a snippet for decrypting a nym message with one key press (it
supports reply block with shared keys of course, it needed a really ugly
Mailcrypt hack, but hey, it works).

Another snippet is for sending nym messages, you can reply to a
newsgroup or mailing list article as you do now, but then just before
pressing C-c C-c, you select a nym identity and my code'll do the work
for you (rewriting the message for the nym preserving the Subject and
References headers, in case of newsgroup post using all the three m2n
gateways, selecting random routes with random hops).

The last thing I needed was something for making reply blocks, so I made
a "simplified reply-block defining language", I think it slightly
resembles what QuickSilver (popular Windows nym client) does (although I
haven't seen that software).  With this you can basically create a reply
block with all the features you want (cut marks, repgp, remix, garbage,
latent times etc) in a convenient way, then it creates the actual reply
block from that specially formatted buffer, that you can just paste into
your nym config create request.

So that's what I have, if you really think you could use it, just drop
me a mail and I'll write a 'QUICKINSTALL' for it and mail it to you.
(But bear in mind that these are just hacks, not polished for the
clueless user.)

Another, - possibly more fortunate/userfriendly - thing to do would be
using the program 'premail' (available in debian distro), it's a huge
perl script to deal with nyms / remailers.  It would eliminate Mailcrypt
from the remailing / nym work completely.  It's basically a layer
between your MUA (Gnus) and MTA (altough it has a text GUI too for
sending messages interactively from premail).  When you send your mail,
Gnus would handle it to premail, then premail would inspect the headers
of the message and do various things based on that, like if a mail had
the header "Remailer-Chain: *, *, *" then that mail would be remailed
thru three random hops.  After that premail handles the mail to the real
MTA.

I chose to make my own elisp hacks because 1) I wanted to get a good
grasp of how remailers work, 2) after I knew what's going on it was easy
/ fun to do them on top of Mailcrypt 3) premail did too much behind my
back and I didn't like that back then.  (And did I mention that premail
is a big ugly perl script totally out of control? ;-))

-- 
ignotus
                        If you are smart enough to know that you're not smart
                           enough to be an Engineer, then you're in Business.