On Thu, May 15, 2003 at 09:56:17AM +0100, Adam Back wrote:
> The limitation with blackholes is it depends on the blackhole implementation, some are simply refusing the TCP connection at firewall level; others are accepting but giving you a 500 (or whatever it is) response code explaining why -- but that is already too early for them to have read the X-Hashcash header. One way around that is to include hashcash as an ESMTP address parameter which I understand allows you to say things after the RCPT TO, but even that may be too late (if they already said go away after the HELO).
There is already a reasonably good proof-of-work mechanism built into SMTP -- START_TLS. Any server that is willing to do TLS with mine is very unlikely to be a spammer. In fact a quick check of about 8000 spams I have shows that two of them used TLS. (both in the last week. hmm.)

While it's true that the TLS protocol allows a client to subject a server to a DOS attack by getting the server to do the expensive crypto operation first (as the Dean & Stubblefield paper points out), in order for an MTA to deliver mail, it's got to complete the TLS handshake.

So, to fix the spam problem, all we have to do is require START_TLS. :-)

Now, to generate an 8192-bit key....

Eric
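
One way to run the kind of corpus check mentioned above, as an added example that is not part of the original post: it counts messages whose topmost Received header records a TLS session. The marker strings are the forms commonly written by RFC 3848-aware MTAs, Postfix and sendmail; the host names and sample messages are constructed.

```python
import email
import re

# TLS markers a receiving MTA writes into its own Received header:
# RFC 3848 "with ESMTPS"/"ESMTPSA", Postfix "(using TLS...", sendmail "(version=TLS...".
TLS_MARKERS = re.compile(
    r"\bwith\s+ESMTPSA?\b|\(using\s+(?:TLS|SSL)|\(version=(?:TLS|SSL)", re.IGNORECASE)

def delivered_over_tls(raw_message):
    """True if the topmost Received header shows the inbound session used TLS."""
    received = email.message_from_string(raw_message).get_all("Received") or []
    if not received:
        return False
    # Only the first header was added by our own MTA; the ones below it
    # arrived with the message and can be forged by the sender.
    top = " ".join(received[0].split())  # unfold continuation lines
    return bool(TLS_MARKERS.search(top))

def count_tls(messages):
    """Return (tls_count, total) for an iterable of raw messages."""
    flags = [delivered_over_tls(m) for m in messages]
    return sum(flags), len(flags)

# Constructed sample corpus; mx.example.org stands in for the local MTA.
DATE = "; Thu, 15 May 2003 10:00:00 +0000\n"
END = "Subject: x\n\nbody\n"
SAMPLES = [
    # 0: plain SMTP
    "Received: from a.example (a.example [192.0.2.1])"
    "\n\tby mx.example.org (Postfix) with ESMTP id 1" + DATE + END,
    # 1: Postfix-style TLS comment plus ESMTPS
    "Received: from b.example (b.example [192.0.2.2])"
    "\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))"
    "\n\tby mx.example.org (Postfix) with ESMTPS id 2" + DATE + END,
    # 2: plain delivery to us, with a sender-supplied header claiming ESMTPS
    "Received: from c.example (c.example [192.0.2.3])"
    "\n\tby mx.example.org (Postfix) with ESMTP id 3" + DATE
    + "Received: from x.example by relay.example with ESMTPS id 9" + DATE + END,
    # 3: sendmail-style TLS comment
    "Received: from d.example (d.example [192.0.2.4])"
    "\n\tby mx.example.org (8.12.9/8.12.9) with ESMTP id h4F9"
    "\n\t(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)" + DATE + END,
    # 4: no Received header at all
    END,
]

if __name__ == "__main__":
    print("%d of %d used TLS" % count_tls(SAMPLES))
```
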