Mixmaster Setup

Make sure you receive mails from the box. We use Postfix in this setup:

apt-get install mixmaster postfix
echo "root: admin@example.com" | sudo tee /etc/aliases
sudo postalias /etc/aliases

Edit /etc/mixmaster/remailer.conf and change the following settings:

REMAIL y # to be a remailer and not only a client
MIDDLEMAN y # try being someone in the middle first, if you want to be an exit change it to n
PASSPHRASE s0m3||hin&no1couldeasilyGu355  # saves your secret key
AUTOBLOCK y # user can block its address by sending an email
VERBOSE 0 # only log errors
REMAILERADDR mixmaster@DOMAIN # reamiling messages are send to this address
ANONADDR anonymous@DOMAIN # sender address of exit messages
ABUSEADDR abuse@DOMAIN
SHORTNAME somename # a name which should be less than 8 chars, see http://pinger.mixmin.net/mlist2.txt
REMAILERNAME somelongername # Usually I take: $SHORTNAME Anonymous Remailer
ANONNAME Anonymous # This is the »real name« of sent messages

IMPORTANT: Mixmaster is sensitive to spaces and tabs at the end of each line. Double check and make sure to have them removed.

If this is your first remailer, it is reasonable to set »EXTFLAGS testing«, so other operators see that your node is in test mode.

Other values have reasonable values. For an explanation see man mixmaster

Run mixmaster-rebuild as root to generate some files:

sudo /usr/lib/mixmaster/mixmaster-rebuild

Enable TLS in Postfix for both sending and receiving mails (/etc/postfix/main.cf):

smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtp_tls_security_level = may

Ideally, replace the snakeoil certs with proper certificates, eg. from CAcert.

Finally, to announce your node, send an email to the remops list ( http://lists.mixmin.net/mailman/listinfo/remops ) with your /var/lib/mixmaster/Mix/key.txt. Additionally you can post it to alt.privacy.anon-server on Usenet.

setup/mixmaster.txt · Last modified: 2013/03/04 10:49 by moritz