On Fri, 18 Aug 2023 20:13:50 -0500, Bitmessage <anonymous@example.invalid> wrote:
snip
>should be safe to use

as a casual user of remailers for posting to newsgroups, "privacy"
is a simple matter, because none of the plain text content posted
to these unmoderated newsgroup forums requires decryption to read;
but some users may have more serious concerns about prevention of
"unauthorized" access to unencrypted content regardless of format
or function, in such cases "whole message encryption" is strongly
recommended . . . see https://www.danner-net.de/omom/tutorwme.htm

>OmniMix * Tutorial * Whole Message Encryption (WME) PreviousTopNext
>It's obvious to prevent your normal e-mail correspondence from being
>spied on by encrypting it with PGP. If the messages include attachments,
>you have to encrypt those as well. But there are parts of your message
>you can't hide this way, like its size, the subject, some language
>specific characteristics, and last, not least the fact of sending a
>multi-part message. That's where OmniMix's 'Whole Message Encryption'
>comes to your aid.
>Different from PGP frontends, which only allow to manipulate your
>message before being sent by the mail client, a proxy server like
>OmniMix is able to alter it as a whole, as long as the result remains
>a compatible mail. Provided that the PGP keys of all recipients of a
>mail are available, OmniMix can be advised to encrypt the entire
>message, including the complete header section and some random dummy
>data to disguise its real size, into one single PGP message block and
>send it by means of a rudimentary header, which has to contain nothing
>but the mail addresses and maybe some 'X-Hashcash' tokens. If it's sent
>via a nym server an existing 'Nym-Commands' directive is also moved
>outside the WME encryption block, but for reasons of security this
>doesn't matter, as the message in any case is additionally encrypted
>with the server's key. For an adversary, who's allowed to become
>acquainted with the identity of the correspondents, the result of this
>procedure is nearly worthless.
>Moreover OmniMix even supports sending WME messages anonymously, which
>usually isn't done to hide your identity from the recipients within
>your WME community, but to prevent external observers from figuring
>out the communication partners. Keep in mind, that the data within the
>WME block aren't anonymized, but, though maybe shortened dependent on
>an active 'Mail Permits' header filter list, handled like normal mail.
>In order to allow an unrestricted, transparent communication without
>adverse effects for the participants, among other things there's still
>your 'From' address - which may be bogus - and the 'Message-ID'. If
>the former can be found on the WME recipients list with 'Sign'
>activated, the resulting signature may also expose your identity to
>those who are able to decrypt the message. So check what gets
>encrypted at the 'Data for Whole Message Encryption' section of the
>'Raw Data' list as well as the 'Log' entries to assure yourself that
>no sensitive data are unintentionally revealed to the addressees!
>Caution: Don't send an anonymous mail to several addressees at a time
>if you don't want them to become linked! In this case send a separate
>one to each of them.
>The recipients then either have to decrypt the PGP block manually and
>import the result into their mail user agents, which certainly can
>only be accepted in exceptional cases. On the other hand OmniMix can
>automatically translate the messages back into their original state
>in the course of its retrieval from the POP3 server, as far as the
>corresponding secret PGP key and the correct passphrase are placed
>at its disposal.
>At the 'Dummy Load' page of the 'WME' section you're able to randomly
>increase the size of your mail. This measure prevents adversaries
>from estimating the kind of message, whether it's about a usually
>shorter text or a more voluminous data transfer. Request a message-
>specific dummy load by sending the desired block size range
>('O-Wme-Dummy-Size-Min' and 'O-Wme-Dummy-Size-Max' header entry)
>with your message. Values higher than the maximum block size defined
>within OmniMix are refused, as the processing of a message extreme
>in size may knock out your system. OmniMix now appends a random text
>block to your message introduced by a line with a unique character
>sequence. The contents of that indicator line is added to the message
>header as the argument of an 'X-Wme-Dummy-Separator' entry in order
>to allow the recipient's system to restore the original message by
>removing the dummy load. It's important, that the dummy separator
>header is named equally at the sender and recipient, as otherwise
>the addressee won't be able to restore the original message.
> Pros and cons of different communication methods
> Ordinary PGP WME Remailing Remailing Nym Nym
> Mail + WME + WME
>Contents Protection No Reduced* Complete* No Complete* No Complete*
>Reply Capability Yes Yes Yes No Yes Yes Yes
>Anonymity towards an external observer No No No Yes Yes Yes Yes
>Anonymity between the correspondents No No No Yes No Yes Yes
>Latency Low Low Low Medium Medium High High
>Reliability High High High Medium Medium Low Low
> * Reduced: Net data only / Complete: Data + structure
>The first step to set up WME is to add all required keys to the 'WME'
>keyring ('WME' tab within the 'Nym Configurator'). You have to import
>public keys for your correspondents and one or more public / secret
>keypairs for yourself. Don't use any of your very secret PGP keys for
>that transmission purpose, as its passphrase has to be stored on your
>computer and both can be stolen by anyone who gets access! Better
>create new keys and mark them with names, that point out their low-
>security use, e.g. by adding the character sequence '(WME)' to the
>User-ID. As decryption problems can't be ruled out otherwise, it's
>recommended to create your keys within OmniMix itself.
>You may notice that the WME section offers a greater variety of
>partly more secure encryption and hash algorithms than allowed for
>nym accounts. That's because there's no need to consider the
>capabilities of remailers and nym servers.
>Next is to go to the 'WME' tab of the main window and add the mail
>addresses of all participants in your WME network to the list along
>with the corresponding key and - if it's a private key of your own -
>the passphrase. Based on this list, if WME is active, all mails,
>whether sent normally or by one of your nyms, are examined for the
>presence of corresponding encryption keys. If OmniMix finds keys for
>all 'To:' and 'Cc:' recipients and there are no 'Bcc:' recipients
>(who would be uncovered by an encryption using their keys), the mail
>gets encrypted and only header data mandatory for delivery are left
>outside the protected block. At request the sender's signature is
>added in the course of the encryption to prove the authenticity of
>the sent mail.
>Finally you have to tell OmniMix, who's allowed to use the single
>private key / password combinations to sign outgoing and decrypt
>incoming WME mails. Therefore go to the 'User' tab and mark for
>every user the 'WME' mail addresses that belong to that account.
>Now you've finished. All outgoing mails are processed dependent on
>the WME mode ('WME' tab, 'disabled' / 'enabled' / 'required'). If a
>message has to depart from that rule, then use the according header
>directive. 'O-WmeSend-Mode: required' e.g. rejects a message that
>can't be WME encrypted, with 'O-WmeSend-Mode: disabled' you would
>even be allowed to send a usual anonymous mail to someone whose key
>is present at the WME keys list. The 'Sign' setting within the WME
>participants list is binding in any case. Therefore, if signatures
>are requested, the WME encryption has to fail as long as the
>password isn't properly set for the WME key or the WME item isn't
>assigned to the user account.
[end quote]

OmniMix 2.6.8 (2022-11-27):
https://www.danner-net.de/om.htm
https://www.danner-net.de/omom/index.htm
https://www.danner-net.de/om/OmniMix_2.6.8_Uno_Setup.exe