I remember penet from the early Internet, although I never used it...
I agree that the OP / Service Provider - should read up on the legal issues surrounding a service like this... The Wikipedia link above is a good place to start. Ideally get a good lawyer and give that link to them...
If I had to make a choice, I would choose any other SaaS business, due to the historically contraversial nature of this type of service -- but that being said, I wish the OP good luck in his endeavor!
One other thing... before users sign up, perhaps you could tell them what will happen to their data if you are ever served by Law Enforcement with a Warrant to give them some user's data... If the answer is that you're going to give your users' data to Law Enforcement (the right answer, as far as I know), then your "private" / "privacy protecting" service -- really wasn't all that "private" / "privacy protecting", now was it?
It would be far more honest and up-front to tell prospective users that their data will not be private in/under all conditions/circumstances...
If you lose would-be users because of this, well, at least you showed honesty and integrity...
Thanks for your suggestions, I agree. In the privacy policy on the site I do state that "information will not be provided under any circumstances to any parties other than when compelled by law." Logs are rotated daily and deleted after 7 days.
I'll do some more research on the legal issues you've mentioned above too.
You might very well have created the best anonymous email service out there, which will be used and cherished by many thousands of happy users who use it legally, ethically, morally, etc.
But then one day, you might get that one user, that one user, that just abuses all of that, and causes nightmarish legal problems...
So forewarned is forearmed, as they say...
Also, I would point out that your service is the only way to truly manage rogue emailers that don't respect unsubscribe requests. In other words, it has a very legitimate/lawful purpose other than mere privacy.
While rogue emailers might not exist so much in the U.S. due to laws, the rest of the world is open game -- there is no way (short of using your service!) to manage them appropriately.
If you should ever go to Court, that should be at least one of your arguments... basically ask the court/jury, "OK, well if a recipients email address can't be anonymized, then how else does someone manage spammers from other countries that get their real email address and keep mailing them from different addresses (and with different content) such that it bypasses their spam filter?" Simple answer: They can't! No one can! Done!
Disposable email addresses (for the recipient, when subscribing to various things on the Internet) are the only solution.
I agree that the OP / Service Provider - should read up on the legal issues surrounding a service like this... The Wikipedia link above is a good place to start. Ideally get a good lawyer and give that link to them...
If I had to make a choice, I would choose any other SaaS business, due to the historically contraversial nature of this type of service -- but that being said, I wish the OP good luck in his endeavor!