Re-mailers — The forgotten phase of email privacy!
1971, The year when the first email was exchanged between two computers. Since then, the world of email has seen drastic developments. The definition, syntax, and architecture of the email systems was standardized and used across multiple platforms eventually. And it was not until 25 years later, on the 4th of July, 1996 the first HTML(web) based emailing service was made available to the world.
Every email has certain identifying information such as The Sender’s email address, The Recipient’s email address, The Email subject, The Sender’s IP address, etc., that help to maintain the integrity and reliance of an email. However, there are also cases where anonymous emailing is required. Privacy, though not known to be widely prioritized in any service (back in the day) is very essential in email communication. The introduction of anonymous re-mailers has triggered a massive increase in netizen’s approval of privacy and has lead to most modern-day anonymous email services and anonymizers such as TOR Guard E-mailer, Guerrilla email, Hush email, etc.
Anonymous Re-mailers are email servers that are used to achieve anonymity while sending/receiving emails. Each re-mailer's main job is to route emails to the next re-mailer or the final destination but the catch here is that it doesn’t expose the original sender of the email. This induces anonymity in the generic email routing architecture followed over the internet and proves to be a strong method for transferring sensitive information and anonymous whistleblowing etc.
For any successful email communication, there are certain key attributes such as Sender’s Email Address, Recipient’s Email Address, Sender’s IP address, Recipient’s IP address, The Email’s subject, The Email body and then comes to the latest additional features such as carbon copy address fields and blind carbon copy address fields. If one wants to achieve anonymous emailing, they must find a way to hide the above details so that no party other than the sender will know whom the message is intended to and what its contents are.
Multiple types of operations are performed on the email attributes to achieve anonymity and based on the type of operation there are 4 types of Anonymous re-mailers.
- Pseudonymous Re-mailers
- CypherPunk Re-mailers
- Mix-master Re-mailers
- Mix-minion Re-mailers
Pseudonymous Re-mailers:
Though it is not the most efficient anonymous re-mailer, it had its fair share and limited scope at anonymity. Also known as “Nym servers”, they follow a set of instructions on how to transmit or receive emails on a user’s behalf.
The Nym server may be instructed to either add, remove, or fake certain fields of the email transmission and also to forward the email to a list of available re-mailers.
It assigns its users a variable (pseudonyms) and then stores a set of instructions corresponding to each variable on how the emails from the respective user need to be handled i.e. either to strip the email of few relevant fields or to relay it through a set of available re-mailers.
The pseudonymous re-mailers does have certain drawbacks. Such drawbacks may better be explained with the following scenarios:
First is when the server holding the pseudonymous variables is compromised. All the pseudonyms used and set of re-mailing instructions could be exposed, thereby rendering the anonymous feature of it.
Second scenario is when a state sponsored program could monitor the whole relaying server’s traffic and then populate the list of other servers and guess operational traffic patterns. And then maybe use that information as part of targeted attack or Advanced Persistent Threat operations.
Sadly before any big notable breaches got detected, the pseudonymous re-mailers went out of use.
Contemporary Nym Servers — an extension to Pseudonymous Re-mailers:
Also known as Pseudonym servers, these servers provide each user/entity an untraceable email address. Neither the Nym servers nor any of the re-mailers can find out which pseudonym corresponds to whom.
For using a contemporary Nym server, any user should have the following conditions met:
- A PGP Key pair
- A set of own/customer instructions on how to send the message or responses back to the entity. (more like the reply-to field in current daily email features)
- The above two things combined is called as the “Nym” of that consumer
- Then an email is to be sent to the Nym server with the PGP key and set of instructions on how to handle your email transmission.
- The response from the Nym server would contain messages, encrypted with the PGP key provided by the consumer, and by following the set of instructions provided. (more like an acknowledgment from the Nym server)
- The consumer’s response to it would be considered confirmation. (similar to session/service establishment confirmation)
Cypherpunk Re-mailers:
Also known as Type 1 re-mailers, our main discussion of how and what re-mailers are would start from here. The following steps would briefly describe the functioning of a typical cypherpunk re-mailer:
- Getting the re-mailer's public key: Send an email to the re-mailer with the subject line “Re-mailer Key” and the server replies with its public key.
- Take/Save the re-mailer's public key and add it to your PGP/GPG implementation
- Your initial email must follow the below format:
Anon-To:<Intended Email Recipient’s Address>
###
Subject:<Email’s intended Subject>
<Message Text>- Now user the PGP/GPG implementation to encrypt the message using the re-mailer’s public key. Take the encrypted output and keep it handy.
- Compose a new email now, with the encrypted text in the below format, and send it to the re-mailer.
Encrypted : PGP / Encrypted : GPG
— — Begin PGP/GPG Message — —
<The Encrypted Message Content>
— — End PGP/GPG Message — —- Each message sent by using a Cypherpunk re-mailer has a pseudo-header in the below format:
::
Request-Remailing-To: final@destination.net [end recipient’s email address]
Once the pseudo-header is appended to the encrypted message, it is sent across a relay of servers and upon reaching the final server, the server uses its private key to decode the message and deliver it to the intended recipient (which it picks up from the pseudo-header).
Now that we have understood the working of the Cypherpunk re-mailer, let’s discuss its disadvantage.
Imagine a scenario where someone is intercepting every packet leaving the sender’s host. They will be able to intercept the re-mailer's public key, encrypted text from the sender with the pseudo header also. Now all they need to do is to replace the pseudo header with a new pseudo header (that contains the attacker’s email address) and send a new email to the re-mailer. The re-mailer then does all the work for the attacker and finally sends him the email, thereby failing the secrecy of the message.
Mix-master Re-mailers:
Also known as Type 2 Anonymous re-mailers, Mix-master re-mailers offer a unidirectional mailing service. The only way to implement a bidirectional mix-master is to include the reply address in the email body. The distribution of mix-master re-mailers can be found here.
The sender initially sends an email to the re-mailer, re-mailer to other re-mailers, and then finally to the intended recipient over SMTP. However, the implementation of mix-master re-mailers requires a program to compose messages.
Mix-Master Re-mailer clients:
There are multiple client-side programs available to utilize the mix-master re-mailer system,
These clients can also be used in combination with pingers that communicate with other re-mailers to provide their updated keys and performance statistics. It is up to the users that they opt to either run their own pinger or just collect statistics from the many existing pingers. The list of developers of mix-masters and the mailing list of users of it can be found here.
- Download the source code and compile using C/C++
- Update the Nym server’s list
- Call pingers into the code or use them separately and update the Source code. The complete guide of mix-master re-mailers can also be referred for understanding the complete implementation
- And using a Linux/Unix distribution for its implementation would result in a pretty smooth process with no errors and the steps are as follows,
Mix-minion Re-mailers:
Also known as Type 3 re-mailers, these are the most efficient among the three re-mailers we have discussed so far. They make use of a mixed architecture and one key feature is that they prevent eavesdropping of the message. It introduces a new concept called “Mixers”. Each mixer does the following tasks:
- Receives an email
- Decodes the email
- Shuffles the email headers
- Encrypts it
- Again transmits to the next Mixer or Destination (in cases of the final mixer)
The complete message is broken into fixed-sized blocks called “Packets”. Packets are encrypted by the mix-minion clients with the public key of each server that is in the transmission path (just like onion routing). Then the transmission begins from the 1st mixer to the second, then to the third, and so on until the final mixer which sends the plain email to the recipient.
Mix-minion re-mailers have clients available for all three platforms of Windows, Linux/Unix, and Mac OS. It is no longer officially supported or used but its code is available in GitHub for anyone to download/edit and create their own version of re-mailers.
Reading and researching about re-mailers has confirmed one thing — our current level of sophisticated privacy comes from a variety of failed implementations (be it anonymous emailing or anonymous messaging or usage of the internet as well). However, all the discussed re-mailers are no longer relevant to us because there are more advanced anonymous emailing services available. The current infrastructure of VPNs, anonymizers, and free emailing services has given users the option to simply create as many email addresses as needed and dispose them when done. Few well popular anonymous emailing services that come to my mind as I write this are TOR Guard, Guerrilla Email, Secure email, The anonymous email, 5ymail, Cyber Atlantis, Anon email and W3 Anonymous re-mailers etc.
This brings us to the end of the article. And please consider the point that the above article is a combined and simplified version of all open sourced materials available on the internet and I’m not yet a security testing expert to validate the same. Also, I’m open to suggestions and any corrections required to make this a better resource for everyone!
