|
Home > Archive > Anonymous Servers > November 2006 > Runaway Remailer Info * New Security Features set-up
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Runaway Remailer Info * New Security Features set-up
|
|
| Runaway Remailer Admin 2006-10-29, 7:12 am |
| Because of too many abuse complaints, I was forced to take the following
security actions:
1) Full from header feature has been removed and
replaced by partial from headers
2) HashCash has been switched-on with the following
parameters:
o HashCash Bits: 27
o HashCash Resource: runaway
o HashCash Validity: 30 days
o HashCash Invalid From Header: invalid.hashcash
3) MD5 Hash Expire: 168 hours
I ask for comprehension. Unfortunately there are some people who think
remailers are there to facilitate their internet abuse ideas. I am a strong
believer in freedom of speech and protection of privacy but I have zero
tolerance regarding illegal abuse.
Sincerely
Runaway Admin
| |
|
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On Sun, 29 Oct 2006 11:47:07 +0100, Runaway Remailer Admin wrote in
Message-Id: <ei20rc$cfr$1@bananasplit.info>:
> 2) HashCash has been switched-on with the following
> parameters:
Hi Runaway,
What happens to messages where your remailer is randomly selected as the
exit node? Will messages without hashcash be dropped?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBRUSaBGoLu9HNUqmMAQqUPAf+KkkV4TZx
Cn6dGaI/5VG80AAbouxqeABb
muqRTCNe/qzt+qp2M3vzsrGVeABZySEEV/+ZsS8UpXBjvunbTzSJu3we3jVQcjpD
tEwj0g+YkuvcItgbikSlNvWcX1gCpLAQ07cYoxN5
LUsFdf2Xx1gvX4Wh0TwcN+6k
lwBaA9eVakxRhYAuPJDBckuVHRcdVaBre/P3CoWz70p0CKbu1DTHp5CA5O1Le/6C
CmTryJeo04E4bwec6GEg0GNurGZZGM92XxFOqJ9v
RwZxMcBA/WYBYL66TObAJf15
Xyufbmy6EU5HpdGHAcZCBMNxHqZyWDiXe0Nh+AiJ
BxIHev41OUaarQ==
=evYp
-----END PGP SIGNATURE-----
--
pub 1024D/8ED57743 2003-07-08 Bananasplit Operator
Key fingerprint = 796F 67E0 E890 A0BB BDAE EBB4 94A6 7A09 8ED5 7743
uid Admin <admin.bananasplit.info>
| |
| Runaway Remailer Admin 2006-10-29, 7:12 am |
|
"Zax" <admin@bananasplit.info> schrieb im Newsbeitrag
news:ei25m4$gma$1@bananasplit.info...
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> On Sun, 29 Oct 2006 11:47:07 +0100, Runaway Remailer Admin wrote in
> Message-Id: <ei20rc$cfr$1@bananasplit.info>:
>
>
> Hi Runaway,
>
> What happens to messages where your remailer is randomly selected as the
> exit node? Will messages without hashcash be dropped?
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.5 (GNU/Linux)
>
> iQEVAwUBRUSaBGoLu9HNUqmMAQqUPAf+KkkV4TZx
Cn6dGaI/5VG80AAbouxqeABb
> muqRTCNe/qzt+qp2M3vzsrGVeABZySEEV/+ZsS8UpXBjvunbTzSJu3we3jVQcjpD
> tEwj0g+YkuvcItgbikSlNvWcX1gCpLAQ07cYoxN5
LUsFdf2Xx1gvX4Wh0TwcN+6k
> lwBaA9eVakxRhYAuPJDBckuVHRcdVaBre/P3CoWz70p0CKbu1DTHp5CA5O1Le/6C
> CmTryJeo04E4bwec6GEg0GNurGZZGM92XxFOqJ9v
RwZxMcBA/WYBYL66TObAJf15
> Xyufbmy6EU5HpdGHAcZCBMNxHqZyWDiXe0Nh+AiJ
BxIHev41OUaarQ==
> =evYp
> -----END PGP SIGNATURE-----
>
> --
> pub 1024D/8ED57743 2003-07-08 Bananasplit Operator
> Key fingerprint = 796F 67E0 E890 A0BB BDAE EBB4 94A6 7A09 8ED5 7743
> uid Admin <admin.bananasplit.info>
>
Good question. Honestly, I am not sure. I am running the Panta Mod of
Reliable and have switched on the Panta Mod HashCash Functionality. So, it
should run as any other Reliable Panta Mod with HashCash on. May be Panta
knows, what happens in this case - he had introduced the HashCash add on in
the Reliable Panta Mod ?
Runaway Admin
| |
| panta-admin 2006-10-29, 1:12 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi !
<snip>
[vbcol=seagreen]
>Good question. Honestly, I am not sure. I am running the Panta Mod of
>Reliable and have switched on the Panta Mod HashCash Functionality. So, it
>should run as any other Reliable Panta Mod with HashCash on. May be Panta
>knows, what happens in this case - he had introduced the HashCash add on in
>the Reliable Panta Mod ?
There is a choice of consequences implemented:
In the Panta-Mod tab of the configuration dialogue you can select:
>Panta: Hashcash
>This mod can be used to restrict news posting by requesting a hashcash token.
>Contributed by Panta Admin
>
>Coices:
>No
>Yes, Invalid => Replace body with "hcbody.txt", kill if to apas
>Yes, Invalid => Set "X-NoArchive: Yes",set fixed From: header, kill if to apas
>Yes, Invalid => Set "X-NoArchive: Yes", fixed From: header, replace body
>with "hcbody.txt", kill if to apas
>Yes, Invalid => Randhop message
>Yes, Invalid => Discard posting
As you can see I have tried various things, in the end I settled with
"Invalid => Randhop message" as my fellow remops did not object and it
stopped the "censorship!!!!" cries.
BTW: Runaway Admin, thanks for your nymserver-testing!
Hope this helps,
Cheers,
panta-admin
-----BEGIN PGP SIGNATURE-----
Version: N/A
iQA/ AwUBRUSdptcrLUqmoDLIEQLZugCg1bIwq3boBVsj
vxo2hC8udQ7raI8AmwTF
nacdrFI78Mc6Q3Fjv/fOWYAp
=LF6h
-----END PGP SIGNATURE-----
~~~~~~~~~~~~~~~~~~~~~
This message was posted via one or more anonymous remailing services.
The original sender is unknown. Any address shown in the From header
is unverified. You need a valid hashcash token to post to groups other
than alt.test and alt.anonymous.messages. Visit www.panta-rhei.eu.org
for abuse and hashcash info.
| |
| Runaway Remailer Admin 2006-10-29, 1:12 pm |
|
"panta-admin" <anonymous@panta-rhei.eu.org> schrieb im Newsbeitrag
news:1MXI2PQ739019.6043402778@anonymous.poster...
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi !
>
>
> <snip>
>
>
> There is a choice of consequences implemented:
>
> In the Panta-Mod tab of the configuration dialogue you can select:
>
>
> As you can see I have tried various things, in the end I settled with
> "Invalid => Randhop message" as my fellow remops did not object and it
> stopped the "censorship!!!!" cries.
>
> BTW: Runaway Admin, thanks for your nymserver-testing!
>
> Hope this helps,
> Cheers,
> panta-admin
>
> -----BEGIN PGP SIGNATURE-----
> Version: N/A
>
> iQA/ AwUBRUSdptcrLUqmoDLIEQLZugCg1bIwq3boBVsj
vxo2hC8udQ7raI8AmwTF
> nacdrFI78Mc6Q3Fjv/fOWYAp
> =LF6h
> -----END PGP SIGNATURE-----
>
> ~~~~~~~~~~~~~~~~~~~~~
> This message was posted via one or more anonymous remailing services.
> The original sender is unknown. Any address shown in the From header
> is unverified. You need a valid hashcash token to post to groups other
> than alt.test and alt.anonymous.messages. Visit www.panta-rhei.eu.org
> for abuse and hashcash info.
>
>
>
Panta Admin,
thanks a lot for your advise. I switched from "Yes, Invalid => Discard
posting" to "Yes, Invalid => Randhop message"
BTW - one more question: Does the hashcash only impact news or also mail in
case full from headers are enabled ? In the "Global" tab of Reliable one
choice for full from headers says "On all messages, name and address (with
valid hashcash). Does that mean, if I switch on hascash and full from
headers that full from headers can only be used with valid hashcash token
for news AND mail or does hashcash only relates to news ?
| |
| Anonymous 2006-10-29, 1:12 pm |
| In article <ei20rc$cfr$1@bananasplit.info>
"Runaway Remailer Admin" <anonymous@nym.alias.net> wrote:
>
> Because of too many abuse complaints, I was forced to take the following
> security actions:
>
> 1) Full from header feature has been removed and
> replaced by partial from headers
> 2) HashCash has been switched-on with the following
> parameters:
>
> o HashCash Bits: 27
> o HashCash Resource: runaway
> o HashCash Validity: 30 days
> o HashCash Invalid From Header: invalid.hashcash
>
> 3) MD5 Hash Expire: 168 hours
>
> I ask for comprehension. Unfortunately there are some people who think
> remailers are there to facilitate their internet abuse ideas. I am a strong
> believer in freedom of speech and protection of privacy but I have zero
> tolerance regarding illegal abuse.
>
> Sincerely
>
> Runaway Admin
I have no problem with that.
However when testing, messages sent to any group other than alt.test are
being randhopped regardless of whether there's a valid hascash token. My
tokens are good according to your criteria (though they're compressed), so
something's amiss.
What version of hashcash are you using to validate tokens? The latest is
1.22
| |
| Runaway Remailer Admin 2006-10-29, 1:12 pm |
|
"Anonymous" <Use-Author-Supplied-Address@[127.1]> schrieb im Newsbeitrag
news:DEE2D4J939019.4613194444@anonymous.poster...
> In article <ei20rc$cfr$1@bananasplit.info>
> "Runaway Remailer Admin" <anonymous@nym.alias.net> wrote:
>
> I have no problem with that.
>
> However when testing, messages sent to any group other than alt.test are
> being randhopped regardless of whether there's a valid hascash token. My
> tokens are good according to your criteria (though they're compressed), so
> something's amiss.
> What version of hashcash are you using to validate tokens? The latest is
> 1.22
>
I used the one delivered with the reliable panta mod. Unfortunately I cannot
see the version number when looking at the file properties. I have now
replaced it by the latest version from hashcash.org which is dated October
2006 (panta mods hashcash.exe was from 2003)
Runaway Admin
| |
| Anonymous via Runaway Remailer 2006-10-29, 7:13 pm |
| In article <ei2p2j$316$1@bananasplit.info>
"Runaway Remailer Admin" <anonymous@nym.alias.net> wrote:
>
>
> "Anonymous" <Use-Author-Supplied-Address@[127.1]> schrieb im Newsbeitrag
> news:DEE2D4J939019.4613194444@anonymous.poster...
> I used the one delivered with the reliable panta mod. Unfortunately I cannot
> see the version number when looking at the file properties. I have now
> replaced it by the latest version from hashcash.org which is dated October
> 2006 (panta mods hashcash.exe was from 2003)
>
> Runaway Admin
That seems to have done the trick.
Thank you for your service!
~~~~~~~~~~~~~~~~~~~~~
This message was posted via one or more anonymous remailing services.
The original sender is unknown. Any address shown in the From header
is unverified.
| |
| Anonymous 2006-11-01, 1:15 am |
| On Sun, 29 Oct 2006, "Runaway Remailer Admin" <anonymous@nym.alias.net>
wrote:
>"Zax" <admin@bananasplit.info> schrieb im Newsbeitrag
>news:ei25m4$gma$1@bananasplit.info...
>
>Good question. Honestly, I am not sure. I am running the Panta Mod of
>Reliable and have switched on the Panta Mod HashCash Functionality. So, it
>should run as any other Reliable Panta Mod with HashCash on. May be Panta
>knows, what happens in this case - he had introduced the HashCash add on in
>the Reliable Panta Mod ?
>
>Runaway Admin
that's easy, read the panta-mod tab in your configuration:
[Panta: Hashcash Invalid From Header]
Enter the From header you want to give postings if Hashcash is invalid and
we have selected the x-noarchive and from header option. This should make
it easy for everyone to filter out posts which were made without HashCash.
You set an specific from header to be used for posts that do not have valid
hashcash. They'll still get posted, but with the invalid.hashcash from
header that you set. Posts WITH hashcash *can* be allowed full from by
selecting
"On all messages, name and address (with valid hashcash)" on the general
tab's From header entry.
|
|
|
|
|