Note: The principal purpose of my suggestion is to facilitate bidirectional
PGP-encrypted communications between users. PGP is important to me—so much so, that I am now CM for my very own
256% AIRDROP BOUNTY SIGNATURE SPAM old-school CRYPTO campaign.
Everybody is familiar with this warning on the “Send message” page of the forum’s PM system:
Note: PM privacy is not guaranteed. Encrypt sensitive messages.
As one who has attempted to follow that advice, I can attest that it is flat-out impractical. I endure
extreme inconvenience (and oftentimes, monetary loss) for the sake of privacy. If I can’t handle the mind-numbing, error-prone tedium of copypasting manually encrypted/decrypted significant numbers of messages in and out of the forum’s PM system, then the above warning to “encrypt” is but a mockery.
Please improve the forum to make it feasible for privacy-conscious users to use PGP for every message, all the time.
Like a post office here on the forum? I do agree on this since i'm trying to be more private but i have a question. Will this be managed by a group of people or a programmed bot?
If by a group of people, time would be their enemy.
If by a programmed bot, then good choice, but the thing is, can it handle a huge load of PMs circulating daily?
Of course, this function would be performed in software. Not what would usually be considered a bot: A daemon, or more likely, daemons plural (mailer-daemon plus something to integrate the mailer with the PM system). I do not even see how it would be possible for humans to—what, manually select and move messages between the PM and e-mail systems?
If ordinary MTAs can easily handle millions of messages, and the forum’s PM system can handle what it does now, I do not see where any scaling concerns would arise unless the system were implemented by monkeys.
PMs received (except those sent by newbies, in terms of content) can be sent via email, and will contain the content of said PM, which can be encrypted if the sender takes steps to do so.
However: (0) You can’t simply hit “reply” to those messages. (1) There is no way to
send PMs by e-mail; the only means to
send a PGP PM is manual copypaste with a web browser (!). (2) PGP/MIME cannot be sent through the PM system. (3) The message header fields are not set to values conducive to comfortably reading PMs in your e-mail; the
From: and
Subject: fields in particular would need to be more informative.
The forum acting as a remailer would also open the possibility of more phishing scam attempts, it would make it difficult to prevent this, and would make it difficult to track who is behind these types of scams. The same is true for other types of spam.
How? Given proper upfront identification of messages as being from a user (via Bitcoin Forum), I don’t see how this would significantly assist phishing. As stated below, it should be obvious that I do not suggest that messages should be blindly passed through the system. Logging could and should be performed for abuse response purposes. Logging and rate-limiting could be used to combat spam, just as same are used now.
Another issue is the sender would need to expose their email address in order to send another member a message.
From the term “remailer” (as opposed to “forwarder”) and my discussion of many users’ reluctance to expose their mail addresses, I deemed it obvious that the sender address would be rewritten.
E.g., mail from me through the system would be received with a
From: header of
"nullius via Bitcoin Forum" <976210@users.bitcointalk.org> (or
nullius@users.bitcointalk.org—but likely the numeric address, since forum usernames can contain characters problematic in mail address box parts). SMTP envelope FROM should be a VERP (Variable Envelope Return Path), as used by mailing lists to catch bounces.
Note: Some of my discussion here requires an understanding of how Internet mail works.Essentially, I am suggesting some form of Type 1 Remailer.
Overall this would give an incremental amount of convenience in maintaining privacy for the recipient, while making things much easier for scammers and spammers.
How?
Emphasis: I did suggest that the receiving end of the system should be opt-in for those users who
want to receive all PMs by e-mail. The only change for those who did not willingly opt-in would be that they may receive PMs which originated in the mail system. Of course,
sending into the system must be restricted to the e-mail address associated with a username; and mail should show up in the PM system as being “from” a username, just as it does now.
