The Anonymous Remailer Page

A Down And Dirty Tutorial

Section VI: Nyms, Nym Servers, And Other Magic

Back To Main Index

1. What Are Nyms and Nym Servers?

Well, we'll answer that in reverse order. A NYM SERVER is a computer (server) out on the net that is programmed to set up and handle anonymous email accounts using anonymous remailers and PGP. They are also (usually) anonymous remailers themselves, the main difference being that you must set up an account with them to use them. Part of the account that is set up includes a "reply block" (just like we set up in Section V! See how all this ties together? Damn, I'm good.) This allows you to use the nym server account for two-way anonymous email.

When you set up the account, you will chose a name for your email address. It can be anything. When you're done setting it up, your anonymous email address will be something like "Test Name <testname@nym.alias.net>". This is your "NYM" (i.e., your anonymous name).

Cute, huh?

2. Choosing A Nym

Now, believe it or not, one of the major things you have to do is to choose a name to be your "nym". You'd be surprised how many names are already being used. Now, we're going to be setting up our nym account on a nym server called "nym.alias.net" (there are others, but this is far and away the favorite) and, surprise, surprise, you can't use a name they already have registered.

So, how do you find out what's already registered so you don't waste time setting up an account they can't use? Easy. Send an email to "list@nym.alias.net" (no message body or subject is necessary) and about 30 seconds later, you'll get an alphabetical list of the nyms currently registered with them. There are presently an estimated 2.7 gazillion of them. Below is a very small sample, just to give you an idea of the types of names being used:

000
007
0x0d
10020
111
1eyed
1kv
1tdby5yg
2001
22
32bit
3o
42
451
4nik8
abyss
acme
activex
ad2000
admin
adultnews
adust1
advertiser
aenonym
affirmed
afoshole
agamemnon
agent007
agent008
agrippa
daphne
dare
darkangel
darklord
darklordhome
darkmane
darkside
darkstar
datalogger
dave
daves
davros
dawnbreaker
daybreak
dayofdoom
drude
drugon
drummer
dsek
dstblk-request
dstretcher
dtaylor
duclos
duece
dukat
dune
durango
durian
dusty
dv8
xanadu
xdrcft
xdrive
xenomorph
xenophon
xenopirate
xenos
xminister
xmyad
xorg
xovangam
xtrader
xtrmbrdr
xun
xyzzy

Now, using old "darklord" from the list above: "darklord" is what is usually known as his "NYM". His email address is "darklord@nym.alias.net".

3. Enough With The Foreplay. How Do I Set Up A Nym Account?

Impatient, aren't you? Fine, have it your way. I assume you've run the list and picked a name. For our purposes here, we're going to use "testname".
Step 1: Create an RSA PGP keypair for your new nym. In our example, we'll create a keypair for the name "Test Name" with an email address of "testname@nym.alias.net". You will be using this key to PGP sign all your communications with nym.alias.net so they know that it's coming from the owner of the account. Anything changing or attempting to use your account must be signed with that key, or they will disregard it completely. After all, they don't know who you are, so the only way they can make sure the account belongs to whoever's trying to use it is for you to sign anything you send to them. Do not sign the key yourself, as this will defeat your anonymity.
Step 2: Create a reply block. If you don't know or remember how, you probably need to go back to Section V. For our purposes here, we're going to use the reply block we made in Section V:
::
Encrypted: PGP

-----BEGIN PGP MESSAGE-----
Version: PGPfreeware 6.5.8 for non-commercial use 

hQCMAx8q6DIxI0s3AQP/doYjvAlLd9YLBS15nOV1nCbrn78IhjTLplWa+5Xv0zen
2SBjsuVio/Sij7kuWP4f36kwXJFBfL0WS1tyhVbiVFtJw9CUcd/r7QU8GzPEggia
9RQR9o30Pq/aSYKsv3VinDFMpvcFKGBNXtOCpcDjkOMe3rbnJuiNGC/qsDZR6n6k
S9V7rVjxRsJKMLv71QK4wROZkKcv9lkTYFGw3NBxzr6dkgwnL3XZVvBTLDsViA9F
EZrQVTQlL8oRcK+tYcfTMYiVMiYA/c8qAt01gA==
=tudC
-----END PGP MESSAGE-----

**

Step 3: As you recall, we set up that reply block using "dizum" (email address "remailer@dizum.com"). So, we now have to instruct nym.alias.net to send it to "dizum" so "dizum" can forward it to you. To do that, we have to tell nym.alias.net that you're enclosing a "reply block" and also who to send it to:
Reply-Block:
::
Anon-To: remailer@dizum.com

::
Encrypted: PGP

-----BEGIN PGP MESSAGE-----
Version: PGPfreeware 6.5.8 for non-commercial use 

hQCMAx8q6DIxI0s3AQP/doYjvAlLd9YLBS15nOV1nCbrn78IhjTLplWa+5Xv0zen
2SBjsuVio/Sij7kuWP4f36kwXJFBfL0WS1tyhVbiVFtJw9CUcd/r7QU8GzPEggia
9RQR9o30Pq/aSYKsv3VinDFMpvcFKGBNXtOCpcDjkOMe3rbnJuiNGC/qsDZR6n6k
S9V7rVjxRsJKMLv71QK4wROZkKcv9lkTYFGw3NBxzr6dkgwnL3XZVvBTLDsViA9F
EZrQVTQlL8oRcK+tYcfTMYiVMiYA/c8qAt01gA==
=tudC
-----END PGP MESSAGE-----

**

Step 4: Extract the public key from your keyring for the new keypair you made in Step 1 (Test Name <testname@nym.alias.net>) and paste it ABOVE everything you've done so far. This is what nym.alias.net is going to use to verify signed stuff from you from now on out. Note particularly the spacing on the following; blank lines where indicated are MANDATORY and no blank lines where indicated are MANDATORY. The format accepted by nym.alias.net is very particular:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: N/A

mQBNAjg5aWYAAAECAM3SGD41UOcsvD9qHLKZ+jwIknzupWBWfi02pY4pmHgbEIm4
KdncLE935I/QJxJii1197e9cpJLg7SWn6q+XWw0ABRO0IERvIE5vdCBVc2UgLSBU
aGlzIElzIEEgRGVhZCBLZXkhiQCVAgUQODls+KY+qT1p0/NdAQHCLgP+IdNTgDoc
EYyD8CFeokHZsSNPfFrvxo1Ua/RQAzE754goK695u0ipVNDA9q2/ihH3VKRl9zxV
d0bIbll3wNZgw96FUFEpRFXm5biOaY5YwJ3rJWzTpYuXItBqcYBMMO/aoeDofD7Q
ZPslZRx30HWFbfAzUpEXrv0QYFAUqLuWmL8=
=G7B3
-----END PGP PUBLIC KEY BLOCK-----
Reply-Block:
::
Anon-To: remailer@dizum.com

::
Encrypted: PGP

-----BEGIN PGP MESSAGE-----
Version: PGPfreeware 6.5.8 for non-commercial use 

hQCMAx8q6DIxI0s3AQP/doYjvAlLd9YLBS15nOV1nCbrn78IhjTLplWa+5Xv0zen
2SBjsuVio/Sij7kuWP4f36kwXJFBfL0WS1tyhVbiVFtJw9CUcd/r7QU8GzPEggia
9RQR9o30Pq/aSYKsv3VinDFMpvcFKGBNXtOCpcDjkOMe3rbnJuiNGC/qsDZR6n6k
S9V7rVjxRsJKMLv71QK4wROZkKcv9lkTYFGw3NBxzr6dkgwnL3XZVvBTLDsViA9F
EZrQVTQlL8oRcK+tYcfTMYiVMiYA/c8qAt01gA==
=tudC
-----END PGP MESSAGE-----

**

Step 5: Insert commands to nym.alias.net to tell it to create the account and what to call it. Note these commands are ABOVE everything you've done so far. I've included some information (in red) to explain some of this stuff. The "Nym-Commands" line is further explained down at the bottom of this step:
Config:  <------- This is the command to configure an account.  If it isn't on the first line, the account creation WILL fail.
From: testname  <------- This tells it what account is being configured.
Nym-Commands: create? +acksend -signsend +cryptrecv name="Test Name" <-------  See below for further!
Public-Key: <-------  This tells it your public key follows
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: N/A

mQBNAjg5aWYAAAECAM3SGD41UOcsvD9qHLKZ+jwIknzupWBWfi02pY4pmHgbEIm4
KdncLE935I/QJxJii1197e9cpJLg7SWn6q+XWw0ABRO0IERvIE5vdCBVc2UgLSBU
aGlzIElzIEEgRGVhZCBLZXkhiQCVAgUQODls+KY+qT1p0/NdAQHCLgP+IdNTgDoc
EYyD8CFeokHZsSNPfFrvxo1Ua/RQAzE754goK695u0ipVNDA9q2/ihH3VKRl9zxV
d0bIbll3wNZgw96FUFEpRFXm5biOaY5YwJ3rJWzTpYuXItBqcYBMMO/aoeDofD7Q
ZPslZRx30HWFbfAzUpEXrv0QYFAUqLuWmL8=
=G7B3
-----END PGP PUBLIC KEY BLOCK-----
Reply-Block:
::
Anon-To: remailer@dizum.com

::
Encrypted: PGP

-----BEGIN PGP MESSAGE-----
Version: PGPfreeware 6.5.8 for non-commercial use 

hQCMAx8q6DIxI0s3AQP/doYjvAlLd9YLBS15nOV1nCbrn78IhjTLplWa+5Xv0zen
2SBjsuVio/Sij7kuWP4f36kwXJFBfL0WS1tyhVbiVFtJw9CUcd/r7QU8GzPEggia
9RQR9o30Pq/aSYKsv3VinDFMpvcFKGBNXtOCpcDjkOMe3rbnJuiNGC/qsDZR6n6k
S9V7rVjxRsJKMLv71QK4wROZkKcv9lkTYFGw3NBxzr6dkgwnL3XZVvBTLDsViA9F
EZrQVTQlL8oRcK+tYcfTMYiVMiYA/c8qAt01gA==
=tudC
-----END PGP MESSAGE-----

**
Further information on the Nym-Commands line: Nym commands are usually "on" (+) and "off" (-) switches. They instruct the nym server to switch certain items on (+) or off (-). In this case, the "create?" instruction tells it to look for a the nym name, and if it doesn't find it, to create it. The "+acksend" instruction tells it to send an acknowledgement to you (through your reply block, of course) every time an email is sent out to someone through your account. The "-signsend" command tells it to NOT (-) PGP sign the outgoing message. The "+cryptrecv" command tells it to encrypt messages to you using your public key, so that you never get a plaintext message in your inbox. And, finally, the "Name=" instruction tells it what "From" name to put on email you're sending to people.

As you might suspect, there are a bunch of other commands available (including "delete," should you want to delete the nym completely). The entire list of them can be found HERE (opens a new window). Come on back when you're done looking, and we'll proceed.
Step 6: Send the whole thing to config@nym.alias.net. Now, to stay completely anonymous, you will want to send it via ANOTHER anonymous remailer. That way, nym.alias.net gets the setup instructions (assuming you've done it properly), sets up the account, and is ready to rock and roll, all without ever knowing who you are. Within 24 hours (48 at the outside) you should get confirmation from nym.alias.net (via the reply block that you gave them) that your account has been set up. They will require you to send a confirmation to them to activate the account. Again, send them the confirmation via another anonymous remailer.

4. Using Your New Nym Account

First, we're going to assume that you're now familiar enough with remailers so I don't have to repeat the formatting instructions. This is a message you want to send to "john@email.address".
From: testname
To: john@email.address
Subject: This Is The Subject John Will See

This is the body of the message.
Encrypt it to nym.alias.net, using your "testname" PGP key to sign it, so they really know it's from you. Add instructions to send it to nym.alias.net so the remailer you're going to use (see next step) knows what to do with it:
::
Anon-To: send@nym.alias.net

-----BEGIN PGP MESSAGE-----
Version: 2.6.3

hQEMA05NDhYLYPHNAQf/RNCShevyUTmJqQuCzmsyqvjNrkQgrZyAGEu7FCQ8pX+9
QlR4EJuNQv9Of7Kbby1WdM45HWABhW6yJFAAbKhl+fJLxvFhuXliFCWGybSuVMpN
hqSA+ZPozY5DRrfj51K++7o2bXlsWQkfR3XZCsEQkBGdwAgT3JWbyGGGLYwbuydg
MvZmZ62qWzyz0i4EkkAcaLBlwt72W4KguZ2i+cvcx4lR+ymDCONEUIiclgWVMaLz
H7dDsublbE5Z1jTHKhAoJvb+QLwjbO+Qf4OqQ6lExphMEaSgnZjBii5gdtCwFFIv
h7PmOL9FsvWMBJzm+pBXLHvhWX5D3lUMUQvy04JSKaUBqDnKuKIb2LNnqe4w+94I
oH/cDYVEN8P2T4h3EYITuDVH+jZId8IIFy3vENeoGZ+CXd1dIbDuKXNyE3eJphxd
1x028p94TXTDKHcMeiBgzKTyGKOY1dvtpNuXnzXEW2Ls3gDIaEqFDZqbEf4OjfE+
xVnZ+qn3ry5nXUJwBJCHUl4dEVvx/EBIwMdnkQxI9fXJZRkOpbYFDk9C7u1+zY14
oPVos3kQeuU7rnoTaCk5FO0lVSigcgDW2Gpz5ibzVpSQw92Q4oVPesKUXylHYB7J
KEAI9DtxQYdewjVLYzsr4P0DrDfga0MlmzVbJekvDAdWhFszLX5wPOI2KL+89YOl
7NhE+J2hTxloyICwBXZB9NvotDY08VrgoRGEq0G7WgBT6RyEk9MpASrGG/D+U7MP
7/VkI/SXri7656ikTznRLaXNoFf4AkGt5EfaLOOqS6hemPeAAAgycXWq8XbySzve
lUZ+fzUN1TH9N6xeDKUfZT7WZeHWtygVKJGhOihkzQOFHX4AvQZ09ujQwudguoCa
9GyImYzJ4GNfsamOj30+GDaiUQLnUjXRd48=
=RWnW
-----END PGP MESSAGE-----
Encrypt that whole thing to another remailer's key, so your NYM can't be attached to you in any way. In this case, we'll be using a Polish remailer named "LSD".

("To:" Line on your email client: lsd@hyperreal.pl) Body of your message to LSD:
::
Encrypted: PGP

-----BEGIN PGP MESSAGE-----
Version: 2.6.3

hQCMAyofxouPCV5HAQP/aNMVGW8l4uIcVvxBKnF99uy8RtdcyKjpyDcua/rc5Lq9
MpzXHt5Ty2xocm1kWIjBiRi2sMg9lVtFiwPwJN3wGJ0U1RFtiyfMCG3BUN1rSVk7
LBWWkZvxI+7aR60ncHr+uJa2DDyxRjKNQ1sf1Vw1C/P6sU+CtZUfmCPFzofJRWel
BFNnUiO/7XKmzkmq8XiCKzTVYsd0JMgAqFCfBlPOXmyJ+mKMuctAcJvdGjOlnJB4
c+XHptja2xtVoCClwdA2qHHL0LEYV97P6vpc+m6ULJFhe2WyQ/FhE6VLUvEkgEzy
STne2OGg9R9wOEsGH6+u76lven+M4QuMOCg5ziFudxnEqna1oi2INyMXe1/52kRp
SKVh2mFv0s37pvbDlmOHFazmJXPIvFYgIgaLX2uVjt12+jWbUD30VGF9RuvHEDMi
4gbvow+a6IgFrQGPHKOtpL4Iwy++S2G5l9wZk26b8PTXa0s2P8UxFO7m6AfMPu4T
jDqc+l61vjtyP9tZmnBtSfqgEcdqZIAm8epzpNz3BnAkogoiC6wD84GqMJQPC9Bo
bkkblv5Ba9aMmwSj9M9km6fAK303OhHNMfILzteasxbZzIW4Z7fJnuW7erLe2z6O
2jlW6VdHlcM1UhxbKLTz5p1DGZgt+8awnF2ac+gK0JQIgBQDEvo+oGg6yu8qEAPg
PV7gHaWhIjAfIDH171Jwnn4iBq5aXviSaAbdEJ5Zm5x90j7cJzbWDWwEEySE5nUU
xew6u3aXCP8bKGnjA0Y3VBwpTOwyswaUNajqTPGvRWNRJntQqNrESS6pYNkXGNo3
2psbTg/TvzWVEfABQdXajSvAsilEQZks3hG5FdfytZ26PO0pd2DKquFnjWqcc0kD
K3Mme4aTJA3ApX7Z4kGggNqXc/OfWGqkcOstcNKfSI/GsUMsGAV3K9LrCfWNbgRk
mQ7pDG9vbiEw144Wb+oRmbK5Eu8AInzKaoHE/4VFVyL9Rkou1g8/gIiU3eKwHbL6
VGpFndFtyAmVu90Q93QQd7/mnrGzFQrg0NE3oxMw4wMLpD4ilvLX8/X9hXlg3J5Q
X6JE0jBf0FEB9YJ/kyAXv5jzzzWZzHR0PqtVK6++6972+tZY3cnA0eYDW66J3EtU
r43ss7MbN/h7bRJ6jPP+ljSOc0FpcZtcnFzBBSiOqNPTHzaUcHlMkkVTn0gDgIel
vYuPV2phCxhhdRyo9MNvaKXcxmi1oWy1w8blD3Wwq+xWZr+kMapCZ+69JNYgbWQw
+lPD82pykhoMqDxC/4TRD4VnlocAvPyLkCMjcTRpwXG+9QNd5ohD1ns5Ep/Uofj5
/4112w3DjliATAMdrPMB8r2mNKLVyEV+ix4CsjOWSgr+uJF8ImfZe/kH2lpwV0NN
iT60CDumcL9n+gYi85trXWXLbiBmJ9A1UC8Y+s6T0ygwlJrVWBZc2qSY4ur2TPlM
2M/Y1ojYN80i+lOcosoHKh/uriCWwfjFPJi8HYzrMWccxCzu5k8T+jYriNJ8Zv9V
FShn+9ZQbU0DqQQxsM9iRNNCHcRvYWoXk9nbn0VXYFXvBB9aEMseX9Nc4Zu5/vVv
ZZysVO0pK2ieFJRl7suW6fLA5ivz7uIe/3iuqAXQj6SHR7UoBixR8SDvDp62eKLV
IcMrFWI=
=kJXj
-----END PGP MESSAGE-----

Punch the "Go" button, and the above goes to LSD, where it's decrypted and sent on to nym.alias.net, who strips the headers, puts your "testname@nym.alias.net" address on the "From" part of the message, and ships it along to "john@email.address".

When "John" decided to reply, or anyone else sends email to testname@nym.alias.net, nym.alias.net takes the message, encrypts it according to the remailer commands you set up in your reply block, and sends it along to the first remailer. Assuming you've set up your "reply blocks" correctly when you set up the nym.alias.net account, you should shortly (10 minutes to a couple of hours in most cases), get a message sent to you through a couple of remailers without any work on the part of your correspondent.

He can't track it, but YOU can, because nym.alias.net doesn't strip the headers going IN to a nym.alias.net account. That means that unless he used a remailer(s) to send you something through your nym.alias.net account, he will never know who you are, but you WILL know who he is.


OK, now that I've made you weep like a little girl (don't BS me...I see that quivering little chin...) it's time to pat you on the back and say "Chin up, little buckaroo. Help's on the way." and with that, it's time to move on to Section VII: Software That's Gonna Help.



Back To Top
Back To Main Index
1998 - 2003 All Rights Reserved