PREV Remailing Posts UP Remailer Support NEXT Remailer Security

3.7: Mixmaster Support

Mixmaster is a new kind of remailer which provides excellent security against traffic analysis and replay attacks. (For more information on these attacks and Mixmaster, see Lance Cottrell's home page at `http://www.obscura.com/~loki/'.

If you do not use Mixmaster, you may skip this section entirely; Mailcrypt's default configuration treats Mixmaster as if it did not exist.

If you have the Mixmaster executable installed, you can tell Mailcrypt to use it by placing lines like the following into your `.emacs' file: 

(setq mc-mixmaster-path "mixmaster")
(setq mc-mixmaster-list-path "/foo/bar/baz/type2.list")

mc-mixmaster-path is a string representing the Mixmaster executable. mc-mixmaster-list-path is the complete path to the type2.list file.

Once these variables are defined, Mailcrypt will automatically try to use the Mixmaster executable whenever possible. Specifically, when you rewrite a message for a chain, Mailcrypt will find maximal length sub-chains which have the mix property and will use the Mixmaster executable to rewrite for those sub-chains.

This allows arbitrary intermingling of Mixmaster and normal (also called Type 1) remailers, but you should note that this is not recommended. The recommended procedure is to have a single Mixmaster sub-chain which is most or all of the whole chain.

There are advantages and disadvantages to having the Mixmaster sub-chain at the end of the whole chain. The primary advantage is that Mixmaster remailers support multiple recipients. The primary disadvantages are that they do not support pseudonyms nor posting.

So here, as always, it is the last element of the chain which needs to support the special features you want. In general, the remaining elements do not matter, and the superior security of Mixmaster remailers is a good argument for using them for the bulk of your chains.

Mixmaster remailers also have a "Type 1 compatibility mode" which you might want to invoke to use a pseudonym or make a post. You can do this with the function mc-demix. Here is an example of its use: 

(setq mc-remailer-user-chains
      '(("Foo" "vishnu" "spook")
        ("Bar" "Foo" (mc-demix "replay"))))

This makes "Bar" a chain of three remailers, and guarantees that the last one ("replay") will be used in compatibility mode.

Note that Mixmaster remailers cannot be used for response blocks. Mailcrypt will ignore the mix property when generating a response block.

PREV Remailing Posts UP Remailer Support NEXT Remailer Security