1997-12-13 - remailer hashcash spam prevention

Header Data

From: Adam Back <aba@dcs.ex.ac.uk>
To: pooh@efga.org
Message Hash: 32b73ece180241cdcfb074ab0df6ba911fea46cc01d70290c60809ddcf889fd7
Message ID: <199712131055.KAA00967@server.eternity.org>
Reply To: <3.0.3.32.19971212234515.006a79a0@mail.atl.bellsouth.net>
UTC Datetime: 1997-12-13 11:19:47 UTC
Raw Date: Sat, 13 Dec 1997 19:19:47 +0800

Raw message

From: Adam Back <aba@dcs.ex.ac.uk>
Date: Sat, 13 Dec 1997 19:19:47 +0800
To: pooh@efga.org
Subject: remailer hashcash spam prevention
In-Reply-To: <3.0.3.32.19971212234515.006a79a0@mail.atl.bellsouth.net>
Message-ID: <199712131055.KAA00967@server.eternity.org>
MIME-Version: 1.0
Content-Type: text/plain




Robert Costner <pooh@efga.org> writes:
> At 12:59 AM 12/13/97 GMT, Adam Back wrote:
> >(Hashcash is a way of proving that the sender has consumed a tunable
> >amount of CPU time.  The verification process consumes negligible CPU
> >time.  This allows us to require the would be spammer to spend say 20
> >seconds per mail, which will slow him down considerably, over his
> >current tactics of 1000 long Bcc lists allowing him to hand off
> >spamming tasks to mail servers.)
> 
> So a remailer, such as Cracker, that might send out an average of 3,000
> emails per day would be required to use up 3,000 * 20 secs = 17 hours of
> cpu time per day.  Since a portion of these emails are to multiple
> recipients, then let's add 1/3 extra hashcash CPU time, or a total of about
> 22 hours of CPU time per day.

Remailers require a different strategy.  With remailers you are trying
to discourage spammers from using the remailer, with email you are
also trying to discourage spammers, but you have to do it in ways
which is easy for neophytes to cope with.

With remailers people already have to get new software, and all of the
source is available, so it is relatively easy for us to add
requirements for hashcash postage into type I remailers, in to
mixmaster, and newnym.  Hashcash was originally designed for this.
There is an implementation on http://www.dcs.ex.ac.uk/~aba/hashcash/

Also Andy Dustman, who is the guy who administers the efga remailer
(right?) wrote a python interface to hashcash, and is keen on python
hacking.  I suspect efga remailer may even be written in python if
Andy had much to do with it :-)

So with remailers you insist that the sender generate the hashcash
with all of their remailer requests, you bounce it or silently trash
it if there is no valid hashcash.  Also I would highly recommend that
you use Ian Goldbergs exit man script for remailer delivery -- it
delivers via HotMail and other such free web based email systems, via
publically accessible proxies and ensures that your remailer address
doesn't appear in the headers where you are the exit remailer. 

> Of course the Cracker mail system also runs various mail lists for EFGA.

Mailing lists you have to realistically I think not use hashcash for.
The majordomo process would become overloaded if it had to generate
hashcash for each recipient of each message.  Similarly the poster
would be over loaded if he had to generate hashcash for each recipient
of the message.  (I would not like to have to generate 1000 (or
whatever the current readership is ) of 20 second hashcash stamps to
post this message to cypherpunks for instance).

The way to cope with this in hashcash filters is to exempt mailing
lists from hascash requirement via a user administered allow list.

(You could possibly auto detect mailing lists at the hashcash filter
agent -- the subscription process could be detected -- or more risky
in that spammers might work out a way to abuse this -- by recognising
the pattern of mails -- lots of mails with the same Sender, and
different From fields.

> Of course, since we might be able to delete the need for hashcash among
> people who know each other, we could have Cracker build a database of
> people who like to have privacy

I tend to argue against this include list -- remailers become less
useful if you can not send mail to anyone who can receive SMTP mail.
I prefer the exit man via HotMail approach to the send notification
that there is anonymous email ready to be picked up approach.

> ISP's in general could handle the hashcash generation at the SMTP
> level by keeping databases of who sends email to whom.

Yes.  This can work reasonably well because people do not reply to
spammers, and most email has a to and fro pattern.

> It is of course far easier to do a single database lookup than to
> generate the 20 seconds of hashcash.

> I don't know.  I just don't understand the plan fully.  I'll have to
> think about it some more.

Read the stuff on http://www.dcs.ex.ac.uk/~aba/hashcash/ it talks more
about remailers.

Adam






Thread