
What is an anonymous remailer?

 

An anonymous remailer is a system on the Internet that allows you to send e-mail or post messages to Usenet anonymously.

There are two sorts of anonymous remailers in widespread use. The first is the anon.penet.fi style, the second is the cypherpunk style. The anonymous remailer at anon.penet.fi is immensely popular, with over 160,000 users over its lifetime, and probably tens of thousands of messages per day. Its main advantage is that it's so easy to use. The cypherpunks mailers, which provide much better security, are becoming more popular, however, as there is more awareness of them.

The user of the anon.penet.fi system first needs to get an anonymous id. This is done either by sending mail to somebody who already has one (for example, by replying to a post on Usenet), or sending mail to ping@anon.penet.fi. In either case, penet will mail back the new anon id, which looks like an123456@anon.penet.fi. If an123456 then sends mail to another user of the system, then this is what happens:

  1. The mail is transported to anon.penet.fi, which resides somewhere in the vicinity of Espoo, Finland.
  2. The remaining steps are carried out by software running on anon.penet.fi. Penet first looks up the email address of the sender in its database, then replaces it with the numeric code. All other information about the sender is removed.
  3. Then, penet looks up the number of the recipient in the same database, and replaces it with the actual email address.
  4. Finally, it sends the mail to the actual email address of the recipient.

There are variations on this scheme, such as posting to Usenet (in which step 3 is eliminated), but that's the basic idea.

Where anon.penet.fi uses a secret database to match anon ids to actual email addresses, the cypherpunks anonymous remailers use cryptography to hide the actual identities. Let's say I want to send email to a real email address, or post it to Usenet, but keep my identity completely hidden. To send it through one anonymous remailer, this is what happens:

  1. I encrypt the message and the recipient's address, using the public key of the anonymous remailer of my choice.
  2. I send the email to the anonymous remailer.
  3. When the anonymous remailer gets the mail, it decrypts it using its private key, revealing as plaintext the message and the recipient's address.
  4. All information about the sender is removed.
  5. Finally, it sends it to the recipient's email address.

If one trusts the anonymous remailer operator, this is good enough. However, the whole point of the cypherpunks anonymous remailers is that you don't have to trust any one individual or system. So, people who want real security use a chain of anonymous remailers. If any one anonymous remailer on the "chain" is honest, then the privacy of the message is assured.

To use a chain of anonymous remailers, I first have to prepare the message, which is nested within multiple layers of encryption, like a Russian matryoshka doll. Preparing such a message is tedious and error-prone, so many people use an automated tool such as my premail package. Anyway, after preparing the message, it is sent to the first anonymous remailer in the chain, which corresponds to the outermost layer of encryption. Each anonymous remailer strips off one layer of encryption and sends the message to the next, until it reaches the final anonymous remailer. At this point, only the innermost layer of encryption remains. This layer is stripped off, revealing the plaintext message and recipient for the first time. At this point, the message is sent to its actual recipient.
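The layering described above, as an added example (not premail and not the cypherpunk remailer software). It assumes a toy cipher built from SHA-256 and HMAC, with one secret per remailer standing in for that remailer's public/private key pair; the remailer names, recipient and message are constructed.

```python
import hashlib, hmac, json, os

# Toy cipher (assumption): SHA-256 keystream XOR plus an HMAC tag, with one
# secret per remailer standing in for that remailer's public/private key pair.
def _xor(key, nonce, data):
    stream = b"".join(hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = _xor(key, nonce, plaintext)
    return nonce + hmac.new(key, nonce + ct, hashlib.sha256).digest() + ct

def unseal(key, blob):
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("layer is not for this remailer, or was altered")
    return _xor(key, nonce, ct)

def build_onion(chain, keys, recipient, message):
    """Wrap from the inside out, so chain[0] holds the outermost layer."""
    next_hop, payload = recipient, message.encode()
    for name in reversed(chain):
        layer = json.dumps({"next": next_hop, "body": payload.hex()})
        payload, next_hop = seal(keys[name], layer.encode()), name
    return payload

def remailer_step(key, blob):
    """One remailer: strip one layer, learn only where to forward the rest."""
    layer = json.loads(unseal(key, blob))
    return layer["next"], bytes.fromhex(layer["body"])

def run_chain(chain, keys, blob):
    """Relay the message and record which next hop each remailer learned."""
    seen, hop = [], chain[0]
    while hop in keys:
        next_hop, blob = remailer_step(keys[hop], blob)
        seen.append((hop, next_hop))
        hop = next_hop
    return hop, blob.decode(), seen

# Constructed sample input: hypothetical remailer names and recipient.
CHAIN = ["remailer-a", "remailer-b", "remailer-c"]
KEYS = {name: os.urandom(32) for name in CHAIN}
ONION = build_onion(CHAIN, KEYS, "bob@example.org", "meet at noon")
DELIVERED = run_chain(CHAIN, KEYS, ONION)
```

In `DELIVERED`, the third element lists what each hop learned: only the last remailer in the chain sees the recipient's address, and a layer cannot be opened by a remailer it was not sealed for.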

Anonymous remailers exist in many locations. A typical message might go through Canada, Holland, Berkeley, and Finland before ending up at its final location.

Aside from the difficulty of preparing all the encrypted messages, another drawback of the cypherpunk anonymous remailers is that they don't easily allow responses to anonymous mail. All information about the sender is stripped away, including any kind of return address. However, the new alias servers promise to change that. To use an alias server, one creates a new email address (mine is raph@alpha.c2.org). Mail sent to this new address will be untraceably forwarded to one's real address.

To set this up, one first encrypts one's own email address with multiple layers of encryption. Then, using an encrypted channel, one sends the encrypted address to the alias server, along with the nickname that one would like. The alias server registers the encrypted address in the database. The alias server then handles reply mail in much the same way as anon.penet.fi, except that the mail is forwarded to the chain of anonymous remailers.

For maximum security, the user can arrange it so that, at each link in the chain, the anonymous remailer adds another layer of encryption to the message while removing one layer from the email address. When the user finally gets the email, it is encrypted in multiple layers. The matryoshka has to be opened one doll at a time until the plaintext message hidden inside is revealed.

One other point is that the anonymous remailers must be reliable in order for all this to work. This is especially true when a chain of anonymous remailers is used -- if any one of the anonymous remailers is not working, then the message will be dropped. This is why I maintain a list of reliable anonymous remailers. By choosing reliable anonymous remailers to start with, there is a good chance the message will finally get there.

Current Anonymous Remailers

One anonymous remailer of note is the W3 Anonymous Remailer provided by the George Mason Society and the Global Internet Liberty Campaign.

To see a comprehensive list of anonymous remailers, point your web browser to http://anon.efga.org/Remailers.

To find out about the Cypherpunks anonymous email server and client, visit http://web.rge.com/pub/security/cypherpunks/remailer/.

This FAQ answer was originally written by Raph Levien.





Copyright 2008 Tech-FAQ. All rights reserved.