-----BEGIN PGP SIGNED MESSAGE----- I wrote:
In fact, it is *in general* impossible to have both anonymity and prevention/control of mail-bombing. Of course digital postage will help the problem somewhat by making the bombers pay for it, and smarter filters on the recipient's end will help, but in general it is a problem we are going to have to live with if we want anonymity.
An entity calling itself Joe Block allegedly wrote:
Impossible is an awfully strong word.
Indeed. And I would be delighted (sort of) if someone could show me how my assertion above is incorrect.
If I was going to implement free digital stamps, I'd have a autoreply daemon (stamps@remailer.com) that when sent a mail, would respond with X number of valid stamps.
<snip> Look I don't actually understand how remailers are currently implemented, but for the purpose of this discussion it doesn't matter. Any sequence of steps that a legitimate correspondant can use to send a letter a mailbomber can use to send an e-mailbomb. Now you can make the sequence of steps more complex in the hope of weeding out the less technically competent mailbombers, but this is a weak solution which will also make remailnet even more inaccessible to the barely technically competent people who make up the vast majority of e-mail users. Look at it this way. How can one ensure that one receives only the kind of e-mail that one likes? I can think of only 3 ways: 1. Discriminate based on content. (killfiles, etc.) 2. Discriminate based on authorship. (PGP sigs, reputations, etc.) 3. Retaliate against those who send you mail that you didn't want. (mail-bombing, reputation-trashing, social or legal penalties, violence, assassination, etc.) Now unconditional anonymity (or even "Pretty Good" anonymity a la cpunks remailers) does away with option #3, right? (I take a moment to note that this is precisely *why* we advocate anonymity in the first place...) So that leaves us with option #1 and option #2. It is impossible for current computers to reliably identify for us whether a given e-mail message is junk mail or not. (I take a moment to note that when it becomes possible for computers to do so we will probably have bigger things to worry about...) *But* there is a lot that done with regard to discrimination based on content. First there's the obvious stuff-- killfiling topics and keywords (like "NSA" and "ITAR" on cpunks...) and splitting messages into different folders based on which list they are from-- and then what about this idea: someday people will include a few micro-dollars in their messages to encourage you to read them. Now that would be interesing. Now the schemes that I have seen aired here about how to prevent these kinds of distributed e-mailbombs generally focussed on a rough version of option #1-- just discriminate against multiple copies of the same content. That's fine (although some of my friends who are always sending me the same jokes might get left out in the cold...) but you have to realize that it is a weak fix that can be easily overcome by a technically sophisticated attacker. Also I think all such things should be done on the user's end. I would thank *my* anonymous remailers to let me and my computer decide what mail to trash. Of course as always people should pay as they go to send mail. Thus no direct financial harm is done to the recipient (or even a pecuniary bonus! See above) and the remailers could probably make a profit off of mailbombers. I'll leave option #2 alone. No fresh ideas today. Okay I've wandered, but to restate my main point mailbombing and anonymity are *in general* inseparable. Just as harassment, intimidation, blackmail, libel, copyright violations and other "information crimes" will be encouraged by anonymity. Get used to it, or else stop advocating anonymity. Regards, Bryce PGP sig and clear-text timestamp follow Mon Jan 15 15:46:21 MST 1996 -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01 iQCVAwUBMPraYfWZSllhfG25AQGcZwP+L7DwXIksx1cNkqpUDxqlRcfsTw7bmRih sB5Ib1QQOoP53R9XinFHWdvvrfWx/M5sIlnZ2CweOnGyL8MgpYA+5FBjfrDvkGm9 B1EOzHMsfc0rQBOzERFvque/Kg+ojkIsoCXcvu3K9XUPpBv4iGs7E/oBSkKYX0pC 1cg35pR7SaQ= =m85b -----END PGP SIGNATURE-----