At 12:59 AM 12/13/97 GMT, Adam Back wrote:
(Hashcash is a way of proving that the sender has consumed a tunable amount of CPU time. The verification process consumes negligible CPU time. This allows us to require the would be spammer to spend say 20 seconds per mail, which will slow him down considerably, over his current tactics of 1000 long Bcc lists allowing him to hand off spamming tasks to mail servers.)
So a remailer, such as Cracker, that might send out an average of 3,000 emails per day would be required to use up 3,000 * 20 secs = 17 hours of cpu time per day. Since a portion of these emails are to multiple recipients, then let's add 1/3 extra hashcash CPU time, or a total of about 22 hours of CPU time per day. Now since Cracker runs on old, antiquated equipment, easily two or more years out of date, I think we need to double this figure. (The Cracker CPU is actually less than 1/4 of the speed of many up to date desktop machines.) So, we would need about 44 hours of CPU time each day. Of course the Cracker mail system also runs various mail lists for EFGA. So we will need hashcash for these messages as well. If I wish to send out a personal email to each of say 900 nyms, then I will have to generate 900 * 20 seconds, or 5 hours of hashcash time in order to send an individual message to each nym. I certainly can setup myself as a privileged user on the Cracker SMTP port and bypass this requirement, but I'll need the hashcash for the unknown destination address of final delivery. Of course, since we might be able to delete the need for hashcash among people who know each other, we could have Cracker build a database of people who like to have privacy, and not have to generate the hashcash if we find you in our files. ISP's in general could handle the hashcash generation at the SMTP level by keeping databases of who sends email to whom. It is of course far easier to do a single database lookup than to generate the 20 seconds of hashcash. I don't know. I just don't understand the plan fully. I'll have to think about it some more. -- Robert Costner Phone: (770) 512-8746 Electronic Frontiers Georgia mailto:pooh@efga.org http://www.efga.org/ run PGP 5.0 for my public key