[Remops] Locally or remotely administered?

Steve Crook steve at mixmin.net
Tue Aug 6 12:34:11 BST 2013


On Mon, Aug 05, 2013 at 01:35:41PM -0400, Brian O'Connor wrote:
> Hello!
> 
> I'm new to the list, but not new to remailers. I used to be a very
> active user back in the day (orange, xganon, licious, winter, etc)
> Then my interest waned. But now I'm interested again. It's 2013.
> Anonymous speech has never been more vital. And, as in the past, I
> have been investigating the possibilities of operating a public
> remailer myself.
Hi Brian, That list of remailers places you firmly back in the early
days of Mixmaster!  Welcome back.  I wish there were lots of new things
to tell you about but Mixmaster and the remailer scene in general haven't
moved on much.  There have been brief attempts to drag anonymous email
into the current century but currently Mixmaster is still the tool of
the day.

> It used to be far more feasible to run an email service from inside
> one's home. For my situation at least, it wouldn't work. My ISP blocks
> port 25, doesn't allow servers and, even without those roadblocks, my IP
> address would surely end up being blacklisted (if it isn't already) for
> the mere sin of being in a block of IPs reserved for non-commercial
> customers of an Internet provider. (Thanks, spammers, for ruining the
> Net for the rest of us.)
Yes indeed.  I think there are some remailers operating from home-based
PCs but the majority of long-time servers are probably colo hosted.

> Over the years I've slowly become more assured using debian and a
> command line interface. Lately, I have been shopping for a VPS host
> (virtual private server). It would be affordable (a colo or a dedicated
> server would be out of my price range) but many of the VPS hosts I've
> contacted are not willing to host a remailer. Not even a middleman.
I had similar issues trying to host Tor servers.  I'm surprised they
refused to let you host a Middleman but, perhaps they don't understand
the terminology and the minimal exposure of such a server.

> The few that are willing seem slightly leery of my intentions and don't
> give me a lot of confidence. They seem to interpret heavy MTA traffic as
> "bulk email" and bulk email to them means spam. I can envision a time
> when my remailer first goes live. The traffic would jump dramatically
> and my hosting provider would react to it, likely shutting me down for
> "spamming", "excessive cpu usage" or whatever reason they might choose.
I use a company called Hetzner in Germany to host all my services.  On
occasion they forward on abuse complaints and a list of actions I must
take to address it.  These complaints have always related to postings on
Usenet (I operate a mail2news gateway), not Mixmaster.

> I'm interested to hear from anyone on the list who has faced these sorts
> of dilemmas and how they sorted them.
Knowing Hetzner to be a good provider, I just looked at their Vserver
offerings and it appears you can get a suitable Debian VM for about
13 euros per month.  They do smaller and larger but I'm basing that
choice on a Mixmaster remailer and associated Echolot pinger.  This gets
you 2TB of traffic allowance per month and no remailer is going to get
anywhere near that based on current traffic in the network.  I'm sure
there are plenty of other equally good hosts so I'm just picking that
one based on personal experience.

> Another question:
> 
> If mixmaster is being administered remotely, e.g.  at a VPS host, how
> does one keep secring.mix, secring.pgp and other confidential files
> secure and away from prying eyes? Enc-FS? Is such a scenario even
> recommended? Doesn't feel very secure.
On a dedicated server, I'd recommend an encrypted FS.  In my case, I keep
all the keys and pool on a partition that's created with a random key at
boot time.  If the machine dies, the keys and messages are lost but,
such is the reliability of Debian, this hasn't happened yet.  I probably
reboot about once a year on average and have to remember to take copies
of these files prior to doing it.

On a VM, there is a slightly raised risk of snooping as the VM can be
snapshotted from the hosting OS without knowledge of the VM owner.  I'm
inclined to suggest that the encrypted FS in this scenario is probably
overkill.  Better to concentrate on using TLS on the smtp transport so
messages are ephemerally encrypted in transit between Mixmaster nodes.

Please come back if you'd like any further assistance.

Best wishes,
Steve
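
Added example, not part of the message above: a pre-reboot check that lists which dm-crypt mappings are keyed from a random device at boot and therefore lose their contents on restart, which is the property the reply relies on for the key and pool partition. It assumes the Debian /etc/crypttab mechanism (the message does not say how the partition is built); the device and mapping names in the sample are constructed.

```shell
#!/bin/sh
# Constructed sample in Debian crypttab(5) layout:
#   <target> <source device> <key file> <options>
# All names below are hypothetical, not taken from the message.
sample_crypttab() {
cat <<'EOF'
# volumes keyed from /dev/urandom are re-keyed on every boot
mixpool  /dev/vg0/mixpool  /dev/urandom  cipher=aes-xts-plain64,size=256,tmp=ext4
cswap    /dev/vg0/swap     /dev/urandom  cipher=aes-xts-plain64,size=256,swap
scratch  /dev/vg0/scratch  /dev/urandom  cipher=aes-xts-plain64,size=256
data     /dev/vg0/data     none          luks
EOF
}

# Read crypttab text on stdin. For each mapping whose key file is a random
# device, print "<target> <kind>" where kind is:
#   tmp         - a fresh filesystem is created at boot (old contents gone)
#   swap        - re-initialised as swap at boot
#   unformatted - random key but no tmp/swap option, so the mapping comes up
#                 with no filesystem on it; usually a configuration mistake
ephemeral_targets() {
    awk '
        /^[ \t]*(#|$)/ { next }                  # skip comments and blanks
        $3 == "/dev/urandom" || $3 == "/dev/random" {
            kind = "unformatted"
            n = split($4, opt, ",")
            for (i = 1; i <= n; i++) {
                if (opt[i] == "swap") kind = "swap"
                else if (opt[i] == "tmp" || opt[i] ~ /^tmp=/) kind = "tmp"
            }
            print $1, kind
        }
    '
}

# Succeeds if the named mapping is ephemeral, i.e. anything stored on it
# (secring.mix, the pool) must be copied off before a planned reboot.
needs_backup_before_reboot() {
    ephemeral_targets | awk -v t="$1" '$1 == t { found = 1 } END { exit !found }'
}

# Stand-alone run against the constructed sample.
sample_crypttab | ephemeral_targets
```

On a real host, feed it the live file instead of the sample: `ephemeral_targets < /etc/crypttab`.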