On Sat, 13 Jan 2001, Ray Dillinger wrote:
list don't think this is spam?" and yes/no buttons. The subscribers just have another little button on their mail reader - So it goes Next message, delete, reply, reply all, spam.
Well, the totally trivial and stupid thing is for a list reader to sign a message saying "I think message X is spam" and send it to the list server. Actually, he doesn't even have to send the message; he can just send the signature if the message is in some canonical format. The server can verify the signature, verify the user's ID, increment a counter, and throw away the signature. When the counter passes a threshold T, -chomp- the server eats the bond. The server can even keep the signatures around if it wants to prove to the luser later that yes, lots of people really did think his message was spam. This has at least two problems 1) Identifies the user who says "I think this is spam." Not a good idea in principle, possibly not a good idea in practice. A potential solution would be a way for a user to sign a message in such a way that * no one can determine which individual public key signed the message * yet anyone can determine that the signer's public key belongs to a specific set of public keys (chosen by the signer and fixed at signature time to avoid the problem with "well, remove one public key and try again!") in this case, the set of eligible list voters. There's probably some crypto voting paper which solves a problem much like this. I'm not up on that. 2) Keeping an audit trail so the server can prove that the majority really did think message X was spam. With this proposal audit trails consist of up to T signatures, where T is the threshold used to trigger the spam alert. At like 1K per signature and many e-mails, this could be sizable. -David