Nymserv install notes

If you know what a nymserver is then you may also know there is little or no documentation on getting one installed. Its a bitch. These are my notes from the install. They are quite brief but I figured they may be helpful if your working with nymserver.pl and are stuck on something, so I’m sharing.

Make a folder to work in.
mkdir Nym
cd Nym

get the nymserver code from cvs

cvs -d:pserver:anonymous@nymserv.cvs.sourceforge.net:/cvsroot/nymserv login
cvs -z3 -d:pserver:anonymous@nymserv.cvs.sourceforge.net:/cvsroot/nymserv co nymserv

run setup to build the pgp folder and make our keys
cd nymserv
sh ./setup.sh

then we make sure it built the key fine
cd ~/Nym/pgp
gpg --no-default-keyring --secret-keyring ./secring.pgp --list-secret-keys

sign and check the signature of the key
gpg --keyring ~/Nym/pgp/pubring.pgp --sign-key nymserverKeyID
gpg --keyring ~/Nym/pgp/pubring.pgp --list-sigs nymserverKeyID

edit the key to add send@
gpg --no-default-keyring --keyring ~/Nym/pgp/pubring.pgp --secret-keyring ~/Nym/pgp/secring.pgp --edit-key config@nym.whatever.net

dump the public key to a new file
gpg --no-default-keyring --keyring ~/Nym/pgp/pubring.pgp --armor --export nymserverKeyID > sigedkey.pgp

create some stuff

mkdir ~/Nym/users
mkdir ~/Nym/queue
mkdir ~/Nym/.gnupg
touch ~/Nym/.gnupg/noring.gpg

create user files for admin and postmaster
echo my@emailaddy.not > ~/Nym/users/postmaster.forward
echo my@emailaddy.not > ~/Nym/users/admin.forward

create a reply email
echo 'From: nobody@nym.whatever.net' > ~/Nym/users/remailer-key.reply
echo 'Subject: PGP key for nym.whatever.net' >> ~/Nym/users/remailer-key.reply
echo '' >> ~Nym/users/remailer-key.reply
cat ~Nym/pgp/sigedkey.pgp >> ~/Nym/users/remailer-key.reply
cp ~/Nym/users/remailer-key.reply ~/Nym/users/help.reply

Next we edit nymserver.pl a little to set it up for our environment check the first line to ensure it is your perl path and then edit $HOMEDIR $HOSTNAME and so on. Most important is $NYMKEYID

Then set up dns and MX and added this to postfix master.cf
#nymserver
nymserv unix - n n - - pipe
flags=FR user=anon argv=/home/remailer/Nym/nymserver.pl -d ${user}

add a line to main.cf
relay_domains = nym.whatever.net

add a transport
nym.whatever.net nymserv:

hope for the best
postmap /etc/postfix/transport
postfix reload

Oops,had to chmod 700 nymserver.pl
and the server was missing a few things.
apt-get install libmd5-perl
apt-get install libgnupg-interface-perl

If your mixmaster is disallowing clear text you may not receive any config requests.. if this happens add --UNENCRYPTED=y to the nymserver.pl mixmaster line.

If your postfix is configured recipient_delimiter=+ your nym configuration confirmations will break with “User Unknown” because the cookie delimiter is also “+”.

Now test a bit and if it’s all good then open up finger on the firewall and add this line to your inetd.conf
finger stream tcp nowait remailer /home/remailer/Nym/nymserver.pl nymserver.pl -fingerd

2 thoughts on “Nymserv install notes

  1. Great ! I didn’t start yet configuring a nym , but from what i can read you have been essential and you haven’t missed to mansion a single step needed on configuring a software badly needed for the all internet . I’m a young (35) sys admin concerned about privacy in todays internet , i run a tor node and i’m getting a mixmaster remailer up and running but 🙂 it’s not happening . Get in touch with me at this gpg key 823402D2 for the above email , hkp;//subkeys.pgp.net has this key 100% and what else , tell me your key as well and let’s talk CIAO !
    p.s.
    also on jabber noauth@jabber.org 0x9761DEA5

  2. Hello,

    I came across your website when I was thinking about resurrecting the Nymserv project. I used some of your ideas to begin fixing the setup.sh script included with Nymserv, and at the same time moved the project onto GitHub. You’re welcome to check it out. See the URL above, or just head to http://github.com/pymander/nymserv

    Thanks for your feedback on this, by the way, and sorry I wasn’t around earlier to work on this.

    — Erik

Leave a Reply

Your email address will not be published. Required fields are marked *