On Sunday, November 9, 2003, at 12:08 PM, Ben Laurie wrote:
Brian Behlendorf wrote:
On Fri, 7 Nov 2003, Santiago Gala wrote:
Classified for reading until I finish a proposal ;-)
A nice scheme against spam, I read about some time ago, was about
requiring the email sender to compute a computationally difficult
challenge before the email was accepted, for uknown/untrusted senders,
something that could take 1 sec CPU time for a reasonable processor.
The idea was raising the cost of sending spam and putting it where it
belongs. Trusted senders, like the ASF, for instance, would not be
required to do it.
So, a spammer would have to pay like 1 TeraInstruction per message, and
a reasonable PC would send no more than say 3000 spams per hour. This,
BTW, would make desirable to send signed messages for bulk senders,
since those would be much "cheaper" to send.
Ouch. Daedalus.apache.org sends out over 1M messages per day, and at
bursty times 100 per second. How do we convince a non-trivial number of
hosts to trust us and not require that computation?
You require hash-cash for list postings and sign them for redistribution.
Such a signature would, i hope, assert little.
Is a spec for signing the headers added to forwarded mail?
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
