I'm reading with only 10% of my brain engaged the many (and oft-repeated) articles about how Hash$ash or MailBucks or whatever will "fix" the spam problem. First, what is the spam problem? It's the receipt of unwanted messages, like a celebrity receiving unwanted attention when he walks in public. (Issues of his choice to appear in public are not central to the argument. He receives attention because his name and face is known to many. A "many to few" problem, just as more letters are sent to the New York Times than to me. Ordinary people don't get bothered on the street because they are not one of the relative handful of celebrities. With e-mail, we're all celebrities. Rather, the costs of sending (contacting) are so low that we can all become celebrities to a subset of stalkers. The analogy with celebrities is intentional. Their are three main approaches for dealing with the problem of unwanted attention towards celebrities: 1. Pass laws making it a crime to approach a person unless one has good reason to. Courts decide who is authorized or justified. This is the "unsolicited e-mail is a crime" approach. 2. Celebrities have agents who screen all potential contacts for the right amount of attention, deals, cocaine, or other forms of "consideration." This is the HashCash approach. "Pay me to be interested." 3. Reclusiveness. Celebrities live behind guarded walls, or on their own Bermuda or Bahamas island estates. When in Hollywood or London, they stay in 5-star hotels with rigorous screening of who gets to their floor. This is the "spam filter and personal responsibility" approach. Now it may be sad that Michael Douglas and Catherine Zeta Jones choose to live on Bermuda, in a walled compound no less, but this is the price of notoriety. As for complicated schemes involving using CPU resources to compute cryptographic numbers and thus decide whether a sender was sufficiently motivated or not, this is nonsense. If I recognize a sender's name, I am likely to read his mail, regardless of whether my 1 GHz G4 decides that he did not spend enough of his own CPU resources in contacting me. Etc. And if I see a bunch of Chinese characters in the message, or I see it is from a name I don't recognize, I will likely click on "Think of this kind of message as Trash" and will never again see this kind of message. (I use OS X Mail, a descendant of NeXTMail, and it has this kind of Bayesian filtering built in and easy to use.) If and when spam from harvested messages gets to be too great, I expect I'll change my e-mail address again. (My spam dropped from about 100 per day to about 1 per day when I changed my 7-year-old address of "tcmay@got.net" to "timcmay@got.net." It hasn't gone up in the past few months. This suggest to me, BTW, that maybe a lot of the spam is using a relatively static list harvested a while back. Which makes sense. Those selling "500 million e-mail addresses for $29.95" have no real incentive to try to keep current: they are selling to dummies trying to sell fake Viagara sugar pills to suckers. Maybe they're selling each other the same lists of harvested addresses during the dot com peak? Just a thought.) The fundamental flaw which is leading to the spam problem is that sending a million messages costs very little, not that recipients are not "charging" for e-mail. If bandwidth actually cost money, if various links in sending either JPEGs or copies of the Koran or e-mail actually were charged, a lot of the "ontological" problems with free mail would be lessened. Notice that I am NOT saying that all carriers should charge. Indeed, whether they carry traffic for free or charge for it, and how they charge, is their business. Whether on the uplink (sending) or downlink (receiving) or in the middle side, that some traffic is charged for, and must be paid for somehow, should be enough to fix things. The reason we don't get inundated with hundreds of pounds of physical junk mail each day is that there are ontological limits on sending of physical goods, on consuming of physical resources. (And learning takes place. A few years ago I was getting 10 times as much weight in glossy catalogs. I surmise that some of the glossy catalog makers gave up on sending expensive catalogs, for which they also had to pay postage, to tens of millions of potential customers.) On the downlink side, I expect my ISP is not much interested in trying to charge me or the sender for the e-mail I receive. But on the uplink side, on the side which fires off a million e-mails, I wonder why they don't try to charge the sender? And why traffic in between, bouncing amongst nodes, is not charge for? (Such charges would eventually force backwards a charging mechanism, of whatever form, a la the arguments by Hardy, Tribble, etc. for "digital silk road." Nobody expected the camel caravan from Tashkent to Baghdad to carry stuff for free. So why is it expected that 50 GB of JPEGs and e-mail should travel for free on the Net? Long term, unwanted communication comes with the "celebrity" effect. Greg Egan describes it well in "Permutation City": a constant barrage of agents attempting to make contact, with movies, fake voices, and every other possible trick. And so the spam filters will spend more time filtering. (And getting rid of the socialized "all bits are carried for free" pricing policy at least solves the worst of the ontological problems.) Should crypto people be worrying about how nodes on the Net charge for traffic? Maybe. But it won't involve "HashCash" tokens. For the 99.99% who never bother with the complications of crypto and signatures, convincing them to learn about how to use HashCash will be 100 times harder a sell. And if some mail system tries to ram it down the throats of the users, they'll find alternatives. --Tim May