Patrick Bogen writes: > Personally, I'd like to see hashcash become widespread, but I guess > that'd be hell for a mailing list.
As I understand it, hashcash is just a totally unprofitable use of cycles, which is bearable for personal mail, but substantially increases the burden on mass mail. While such waste for the purpose of creating incentives is often effective, in this case I believe it is not for three reasons. First, spamming is a business, it has revenues with which to defray such costs. My project does not; if hashcash cycles becomes annoying to my host, I'll just stop sending to hashcash users. This is an arms race, it has no physical upper limit on cost. It is not obvious to me that in the end the Commies will turn to democracy in the spam arms race; remember, the Soviet Union broke up because the West out-businessed them. The second is that for a bounded cost[1], you can implement signed mail. With current technology this is something of a cost, but for spammers it's pure cost, for the rest of us it's arguably a fringe benefit much of the time. This is much more effective where usable, because the signature identifies the sender to some degree, which spammers do not want. The third is that hashcash, like challenge-response, has a troublesome analogy to spamming. You're setting up a system, or "club" if you prefer, that uses outsiders' resources *without their prior agreement* to achieve a personal goal. If you are in a position to get that agreement, why not just use signed mail? The real attraction to hashcash as I understand it is simply that you don't have to educate users, it can be implemented without them even knowing it happens. But until we start educating users, or providing them systems which make their mail usage appear educated to the system, the spam problem will not be soluble (where my definition of solution includes operation of public access mailing lists on a volunteer basis.). Cheers, Steve Footnotes: [1] At any given level of technology. Agreed, this cost will increase over time as acceptable levels of security require more bits in the keys, but with present technology, this is not a price the spammers can afford to pay to drive up costs for the rest of us. ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp