As I argued recently elsewhere, the security of remailers is poor for the following rather straightforward reason: If one sends an email through a chain of remailer nodes, the email of course has to go initially to the first node of that chain. On arrival at the router of that node, the entire email (the whole data packge, i.e. more than what one sees in the normal email window) contains the IP-address of the sender in the clear. So, if the agencies tap at that location, or more conviently at the provider side of the said node, then the sender of the email will be known to them and this alone is a serious breach of security. (Whether the agencies could eventually somehow also gain more information than that is not essential for the current context.)
One could on the other hand send materials from callshops or internetcafes, thus not using one's own IP-address, and send encrypted stuffs (preferrably with authentication) to such Usenet groups as alt.anonymous.messages and let the recipient collect them according e.g. to certain agreed upon characteristics in the subject lines at similar neutral locations. This way, both partners remain genuinely not trackable.
M. K. Shen