hashcash spam prevention & firewalls
Bill Stewart
bill.stewart at pobox.com
Thu Dec 18 22:44:58 PST 1997
>> > So, we would need about 44 hours of CPU time each day.
>> >Well, have a system of certified remailers trusted to force their
>> >users to burn up time at the sending end, so the ultimate recipient
>> >accepts their messages w/o postage. One certified remailer accepts
>> >messages from others without any postage, so only the original
>> >sender has to use up CPU time.
>...
>> Since we need hashcash now to LEAVE a remailer, not to enter one,
>> where does this hashcash come from? A busy remailer could not
>> generate it's own hashcash for the destination non-remailer ISPs.
>
>This is exactly what I was addressing: remailers only have to get themselves
>certified as remailers and then prove their certification to the destination
You're both taking the wrong approach - make the originator of the message
generate the hashcash, and make sure the remailer syntax lets them paste it in
as needed. For chained remailers, generate multiple layers of hashcash.
Maintaining whitelists is a losing game, but unnecessary here.
Mailing lists are still hard, and perhaps best handled by the user's software
(or some fancy variant like user-selectable filters at the ISP mailbox.)
It's hard to tell a real mailing list from a spammer's mailing list,
and both of them do mail explosion and send their mail to names not
listed in the To: line, so it's hard to do a technical fix.
There are scads of attacks against any fix, like having
disposable_user at juno.com join the mailing list for a while and them spam it.
But remailers are easy.
Thanks!
Bill
Bill Stewart, bill.stewart at pobox.com
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
More information about the cypherpunks-legacy
mailing list