What is a Remailer?

A remailer is a service that provides anonymity to the sender of an email or newsgroup post by acting as an intermediary between the sender and receiver. The sender's message goes first to the remailer, which strips away the headers associated with the sender, replacing them with its own. It then forwards the mail to its final destination. The receiver cannot deduce the origin of the mail or post by looking at its headers — only the remailer's headers will appear.

There are a myriad of practical reasons to use a remailer. For example, they can provide anonymous participation in USENET support groups to keep employers, or even children and spouses from "Googling" personal posts. The service provides people of every country the opportunity for free speech, even where local governments forbid it. They also protect the sender when the nature of the message might cause personal repercussions, as in the case of a whistleblower.

For the average person on the Internet, a remailer can be a useful tool for keeping a personal email address private. If you want to send feedback to a favorite website or blogger, using this service will ensure that they receive your message without receiving your email address. This applies to USENET messages as well. Participation in controversial debate-based newsgroups can become contentious, but a remailer will ensure you won't have "stalkers" following you back to your mailbox.

Along with the freedom that a this service provides comes responsibility. Using a remailer to harass, threaten, taunt or engage in flame wars is considered abuse. In the headers of any remailed email or post, there is an address the receiver can email to complain of abuses. These may or may not be acted upon, depending on the owner of the service and the nature of the posts.

Though using one remailer is sufficient for casual purposes, several can be used in a "chain" to make the message harder to track and provide even greater security. In this case, the first member in the chain strips away your headers and sends the mail to another remailer. That service does the same, stripping away the previous headers and sending the message to the next in line, until finally the message is delivered. At the end point, tracing the origin of the message only gets as far as the last participant in the chain. If there are still server records available, the message might be able to be tracked back one more step, but the sleuth would run into the same problem at that juncture. Remailers, as a matter of security, allege to delete all messages off their servers daily, precisely to eliminate having to turn over server records to authorities.

Note that anyone with skill can run a remailer. It is widely believed among the remailing community that some are probably run by government agencies. Even a standard "Joe" can run an unscrupulous service, reading messages that pass through his server. For this reason, most people who use one encrypt their messages with PGP (Pretty Good Privacy). The message is only unencrypted at the end of the chain. Without using PGP, your message may be anonymous to the receiver, but it will be available to all of the middlemen in between.

There are several widely used freeware programs are designed to deliver email and newsgroup posts via remailers. Purists contend that using remailers manually with these programs is safest, though there is a learning curve. There are also services on the Web that automate the process and are probably sufficient for most people's purposes. Most purists reject Web services because there is no real guarantee that the service itself does not employ a "back door."