Random musing about words and spam
Andrew Thomas
andrewt at nmh.co.za
Wed Sep 3 02:36:49 PDT 2003
Thomas:
> > I must reiterate that, given the relentless efficiency of
> > spam-spiders, merely publishing a shadow email address on all web
> > documents that your real email address reside on, and deleting all
> > email sent to both accounts is my current favorite anti-spam
> > mechanism. Simple to DIY, and requires no centralization.
>
> This approach assumes you are able to detect duplicates
> (which may be difficult to do if each spam sent out would be
> different, eg. using different sets of pseudowords - which is
> already being done in some cases, from the day antispam
> systems based on hashes of known spams were introduced), and
> depends on the duplicates actually reaching your both
> addresses within reasonable timeframe.
If one of the addresses was not ever used for legitimate purposes,
then blocking all addresses that sent to this address should be an
effective filter.
Also, with the low cost of storage today, storing message hashes
of known spam wouldn't take much space (not to say that this would
be a good way of identifying spam).
I was pondering recently the usage of a "web of trust"-type system
whereby one could use communal whitelists with decreasing trust
going outward as well as the opportunity to selected trusted
sources - perhaps using authentication authorities for PK's
as authoratitive whitelists, or not, as per ones choice. (Since
PK's require identification for the issue of certs, it at least
provides some chain of evidence. However, this negates the opportunity
for anonymity).
How feasible are implementations of such 'distributed' whitelists?
(I'm assuming that entries from non-whitelist identified emails
are permitted to send through on a challenge-response basis,
and that once identified, users have the opportunity to add to
such whitelist).
And, is it possible to indentify a bit of information as coming
from a trusted source, without identifying that trusted source
and without resorting to the use of a TTP?
--
Andrew G. Thomas
Hobbs & Associates Chartered Accountants (SA)
(o) +27-(0)21-683-0500
(f) +27-(0)21-683-0577
(m) +27-(0)83-318-4070
More information about the cypherpunks-legacy
mailing list