nospam-seesignature@ceddec.com writes:
On Fri, 8 Aug 1997, Adam Back wrote:
[hashcash]
I think you never answered the fundamental question:
But to what advantage is it for *ME* to use hashcash?
Saying that it is neat, patriotic, pious, or any other adjective won't get my anonymous mail through any faster unless you can create a cartel of remailers that expidite hashcashed mail, or use some type of new remailer that others don't have and build hashcash into the distribution.
I wasn't talking about remailers above, but about end users. Hashcash allows the recipient to filter out email that hasn't got postage. As an interim upgrade path ISPs adopting it could be to bounce messages with out payments, and include a nonce, and instructions to resend including the nonce. Set up the filter so that the second post gets through. Spammers often don't have forged reply addresses for obvious reasons. (If spam crept up too badly in-spite of this you could at that point disable non-hash cash postage and give a URL for a java implementation where they just go to the web page and their browser will generate them some hash cash. Obviously this is inconvenient so I would be interested to see how the spammers adapted to just the nonce first. It's much easier to block spammers if they have to include replyable email addresses.) You would also have a no-postage list, for mailing lists etc. If we arrange so that spam won't get through without payment, it disincentivizes spammers. If some users go running around asking for `government to do something about spam', it could be suggested to them that it would be more effective to ask their ISP to install a hashcash patched sendmail. A remailer won't answer the bounce with nonce, so you automatically won't get remailer traffic without postage -- unless you put remailers on your no-postage list. If you're some media celebrity and you get too much email -- just turn up the squech, increase the postage required rate, and add people you do want to your no-postage list. You could auto-add anyone you ever manually replied to to the no-postage list even.
You still have the problem that a large organization can buy large computers just to do hashcash - look for networkable hashcash generators if it becomes popular.
I think the easiest initial way for the spammer to continue spamming you would be to target mailing lists, using forged addresses. Spam on mailing lists instead of mail is also a good thing for us, because we already have solutions for spam on mailing lists: decentralised 3rd party ratings -- NoCeMs can be applied to mailing lists. Allowing us to recommend good posts or mark what we consider spam. Individual users can decide which rating service to use. If you consider that hashcash can be setup to only charge postage for people you have never replied to in the past, this heavily discriminates against people who send large amounts of mail to random people. (Which is precisely the spammers mailing pattern!) Another solution with real ecash is to send ecash payment with mail and have filters that will similarly bounce messages if there is no ecash. The recipient by societal convention is expected not to cash the payment. People who cash your money you don't tend to send more email to. You could easily charge $1 and that would be a high price for the spammer -- it would be cheaper to snail mail you the spam. The above doesn't seem very friendly, or very in keeping with the spirit of free discourse. I think hashcash is nicer in this respect. I've taken the stuff on eternity to another message. Adam -- Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/ print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`