I totally understand that claiming to provide total privacy to any individual could be vague and debatable in this case. And if we apply the usual encryption it becomes very easy to hack. So using normal cryptography is ruled out. But if we could implement salting. We generate a salt when a user is joins this list. It is stored in the database with the individual's password and other details (assuming the SQL database used is secure and does not give access rights to the moderator or any one else). When user sends a mail we store the salt used and fake mail id generated in another database (follows the previous assumptions). In case of reply to same address we lookup the fake mail id and corresponding salt and regenerate the address simultaneously applying the process of fake mail id generation to the sender's mail id this time. Also we need to filter the header from all the possible traces. But then it depends on the accessibility of the database in question. Also if we need to implement these processes someplace that is secure from middle men or malware (server may be). Or may be I guess the only way around is to trust the list admin but then it won't be able to serve the needs when we wish to keep this thing out of the hands of the admin. It then only keeps users anonymous from each other while the admin knows everything. If I am still thinking it all the wrong way. Please guide me as to how do I approach the problem.