From: Adam Back <aba@dcs.ex.ac.uk>
To: phelix@vallnet.com
Message Hash: 2b93e86dbfb853b8be7fe51545dc491041de516f04f412d7d2554f39a07bf3f3
Message ID: <199712221807.SAA00377@server.eternity.org>
Reply To: <349b9ea2.5036920@128.2.84.191>
UTC Datetime: 1997-12-22 18:19:08 UTC
Raw Date: Tue, 23 Dec 1997 02:19:08 +0800
From: Adam Back <aba@dcs.ex.ac.uk>
Date: Tue, 23 Dec 1997 02:19:08 +0800
To: phelix@vallnet.com
Subject: Re: message dependent hashcash => no double spend database (Re: hashcash spam prevention & firewalls)
In-Reply-To: <349b9ea2.5036920@128.2.84.191>
Message-ID: <199712221807.SAA00377@server.eternity.org>
MIME-Version: 1.0
Content-Type: text/plain
Phelix <phelix@vallnet.com> writes:
> On 17 Dec 1997 02:21:48 -0600, in local.cypherpunks you wrote:
>
> >.....
> >> The implementation of the plan is a more or less impossible scheme.
> >
> >Nyet. It can be phased in over time...people install the software, mailing
> >lists warn their users to exempt them, and the big servers start asking for the
> >hashcash, little servers pick it up.
> >
> >.....
>
> Yes, but if you just phase it in over time, what benefit, if any, will
> users see until hashcash is fully deployed.
No spam in their mail boxes :-)
> Until that time, people will still have to accept email without
> hashcash or risk losing important messages.
You could work around this somewhat by configuring the hashcash filter
to put nonces (a random number) in the bounce messages for messages
which arrived without hashcash.
The instructions could read:
Email to this address requires hashcash postage. To generate
your hashcash postage get software from here: <URL>
Alternatively simply reply to this message putting this number
in the subject field: 12347651324
The danger is that the spammer could abuse this by automating the
reply to these bounce messages. However spammers typically don't like
to include a valid reply address, so this at least makes spammers
include an address where they can be replied to.
> We need to find some way for users to benefit from hashcash now, not 2
> years from now when 90% of sites are using it. The only thing I can think
> of is having servers place "Hashcash-verified" headers on incoming mail so
> that users can do positive filtering ("this is valid email") rather than
> negative filtering ("this is spam").
>
> I don't see people adopting hashcash unless there is some intermediate
> benefit to doing so.
An easily observable tag in the subject field such as: [SPAM?] meaning
no hashcash or [NEW] meaning you had never received messages from this
address before could be useful perhaps.
Adam
--
Now officially an EAR violation...
Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
Return to December 1997
Return to ““William H. Geiger III” <whgiii@invweb.net>”