[IMC-Tech] Log anonymizing patches

[Micah Anderson]

We've been hard at work over in the Riseup Labs(tm) to get rid of any
identifying logs that we are involuntarily collecting for "The Man".
To that end, we've created a few pretty cool patches to some popular
software that reduce or eliminate many IP addresses at the source,
before they are logged at all. 

We have made patches to a popular replacement for syslog, syslog-ng,
which strips IPv4 (IPv6 is a significantly much harder regexp) before
they hit the disk. This means that any program that uses syslog for
logging will automatically have their IPs removed. This cuts out a
significant portion of information that we don't want or need to be
keeping. We also have a patch for a less well-known piece of logging
software, called Meta-Log. We patched this software first, but it
ended up not meeting our needs, so we aren't using it, but the patch
is there.

Additionally we've got a patch to postfix that anonymizes SMTP header
lines that are sent through over a SASL authenticated SMTP connection.
This is unnecessary information added for no apparant reason by
Postfix, and we dont think its a nice thing to do to let everyone know
what your home DSL connection is.

We've also got a patch or two for the popular webmail programs Squirrelmail and
IMP to remove some identifying information.

All of this can be found at http://dev.riseup.net/patches, Debian
packages for syslog-ng and postfix are available if you add the
following to your /etc/apt/sources.list:

deb http://deb.riseup.net/debian unstable main

Let people know about these, we need to be encouraging more people to
use these things *before* they are required to turn over their logs.

micah