Page 1 of 1

Reply masking w header stripping (pseudo-anonymous)

Posted: 09 Aug 2006, 13:05
by Z
If all old headers would be stripped when forwarding email it would allow using service as pseudo-anonymous service.

And it's not aimed to allow illegal activities. All information is logged. But it's not showin in message headers.

This is for everyone who doesn't like to reveal too much. Like: IP, domain, timezone or other information which is available from headers.

Posted: 23 Aug 2006, 02:40
by etrask
It'd be great if TrashMail just stripped ALL headers out of the original email, and the only ones left were the ones applied by TrashMail itself. User-Agent, for example.

One may want to keep an e-mail's priority, though. Maybe that one shouldn't be stripped.

Posted: 23 Aug 2006, 06:03
by Z
etrask wrote:It'd be great if TrashMail just stripped ALL headers out of the original email, and the only ones left were the ones applied by TrashMail itself. User-Agent, for example.

One may want to keep an e-mail's priority, though. Maybe that one shouldn't be stripped.
How about saving subject, to, from and other important fields? ;)

Posted: 18 Dec 2006, 00:13
by Admin
Z wrote:
etrask wrote:It'd be great if TrashMail just stripped ALL headers out of the original email, and the only ones left were the ones applied by TrashMail itself. User-Agent, for example.

One may want to keep an e-mail's priority, though. Maybe that one shouldn't be stripped.
How about saving subject, to, from and other important fields? ;)
I stripped now all X-*, Delivered-To, Organization, User-Agent fields.
Additionally any kind of information of the original host and domain name is replaced by localhost and localdomain.

Is this now fine enough? I will later add a function to make anonymous the signatures by an option.

Posted: 18 Dec 2006, 06:12
by Z
Don't know yet. I'll let you know soon. (today)

- Thanks!

... Sorry it took a while ...

Posted: 21 Dec 2006, 21:23
by Z
Messaging isnt even pseudoanonymous as long as original received lines containing sender IP are maintained.

So at least old received hearders should be discarded. I mean received headers telling how message ended to trashmail. Naturally that can be "fixed" by using tools like TOR http://tor.eff.org, but for lawful purposes discarding headers should be ok.

Currently headers are telling everything I need to know to track sender if received headers aren't also filtered out.

- Comments?

If received headers are filtered out. It would be better to save header log information for a quite long time (at least an year). So service like trashmail.net doesn't take blame if bomb or what ever threats or reasons arise.

We just handle the traffic. We can tell where it came from, if court orders so. But without court order, we won't tell anything.

It's just like postal service or any other telephone or ISP service. Logs are maintained, but you'll need legal reason to access those logs. And accessing logs without legal reason is also illegal.

Posted: 08 Jan 2007, 11:36
by Admin
Z wrote:Messaging isnt even pseudoanonymous as long as original received lines containing sender IP are maintained.

So at least old received hearders should be discarded. I mean received headers telling how message ended to trashmail. Naturally that can be "fixed" by using tools like TOR http://tor.eff.org, but for lawful purposes discarding headers should be ok.

Currently headers are telling everything I need to know to track sender if received headers aren't also filtered out.

- Comments?

If received headers are filtered out. It would be better to save header log information for a quite long time (at least an year). So service like trashmail.net doesn't take blame if bomb or what ever threats or reasons arise.

We just handle the traffic. We can tell where it came from, if court orders so. But without court order, we won't tell anything.

It's just like postal service or any other telephone or ISP service. Logs are maintained, but you'll need legal reason to access those logs. And accessing logs without legal reason is also illegal.
This is a good idea.
I need to make the policy soon.