On Mon, Feb 15, 2016 at 08:32:18PM -0800, Jeffery Small wrote:
> 
> I just installed mixmaster on my Ubuntu 15.10 system and am trying it out.
> I have a question.  The mutt manual says:
> 
> "To use it [i.e., mixmaster], you'll have to obey certain restrictions.
> Most important, you cannot use the Cc and Bcc headers."

I think this must be a newer version of Mixmaster. I would question the
worthiness of that. See if you can find an older version. It compiles easily
on Linux. Look on sourceforge or elsewhere. Get a known good copy of PGP,
preferably 6.5.8 command line and/or 2.6 Disastry (2.6.3?). Disastry is 2.6
with new hashes and ciphers to bring you up and in some cases past 6.5.8.

Mixmaster strips headers. If you are concerned send a few test posts to
yourself at various email addresses. You can test it by creating fake mix
nodes and a fake nodes file (forgot what it's called but it is the stats
file that Mixmaster uses to select remailers) with your own keys and use the
outfile option. The mail won't be sent. Then you can repeatedly decrypt it
with the keys for the fake nodes and see exactly what is being sent.

> 
> When I look in my /etc/mixmaster/filter.conf

Seems to me this is a new thing. I played around with mixmaster back in the
day and I don't remember this. I could be wrong.

> So what are the restrictions on Cc: and Bcc: as it seems that mixmaster is
> prepared to use (or at least pass) them?  Mostly, I'm just asking out of
> curiosity.

Normally Mixmaster will strip all headers that could leak info. If you want
to just post to a newsgroup use the newsgroups header. If you want to mail
anonymously I don't know why you couldn't use cc or bcc also.

If you want to communicate two way via Mixmaster you'll have to learn to
create a reply block. The new nyms at Steve Crook's site are ok if you think
about what you are doing and use Mixmaster to set it up and don't ever view
the website except over TOR or known good proxy.. I'm not sure how many old
school nym servers are still around but they are better if you know what
you're doing. Plenty of info around on this but you'll have to put the
pieces together. Not much has changed, the old info is still valid.

You'll need to get handy with command line gpg and pgp and you should also
keep in mind the 1024 mix pubkeys are no longer safe for serious use and
also if you are going to communicate securely you need end-to-end
encryption with big pubkeys.  

/jl

-- 
ASCII ribbon campaign ( ) Powered by Lemote Fuloong
 against HTML e-mail   X  Loongson MIPS and OpenBSD
   and proprietary    / \    http://www.mutt.org
     attachments     /   \  Code Blue or Go Home!
 Encrypted email preferred  PGP Key 2048R/DA65BC04 

Reply via email to