ietf-asrg
[Top] [All Lists]

Re: [Asrg] 6. Email Path Verification (hashcash benchmarks)

2003-09-13 22:28:38
If you can point me at the code, I can run the same test on a variety of hardware I have access to, which may provide some useful additional data points.

Actually, let's step back a bit. The original question was whether this was going to be (even approximately) workable on low-end machines, like the old Macs I mentioned. I think we've established that it's moderately painful, but yes it's workable, as long as we don't need more than 20-bit hashcash anytime soon.

We additionally have the option of offloading really slow machines' work to the MAA, but keeping server load low by having most MUAs do it themselves. So, I don't think I'm overly concerned about particular machines' performance - except for the really slow MUAs for workability reasons, and really fast clusters / dedicated hardware that might be used by spammers for circumvention.

If the magnitude of performance difference approaches the magnitude of mail-volume difference, hashcash is in trouble - unless we can get coprocessing hardware to people who probably can't afford it. That's a reasonably simple fact.

Now there's other questions.

Suppose we implement a "postage required" callback to promote awareness in the early stages. What happens when one of these callbacks hits a listserv that doesn't know about it? AFAIK, most listservs will probably interpret it as a bounce, which is probably counterproductive.

Also, what's the best way to combine hashcash and authentication? Not forgetting, of course, that we still need to have lots of backwards compatibility that can (very gradually) be phased out. It would be nice to be able to avoid hashcash for initial communications in certain situations, because that lets some of the low-end users off the hook, but that has to be watertight.

Finally, as an interim solution, can hashcash be effectively used as a filtering modifier? Take SpamAssassin, for example, you could subtract a point from the spam score, for every bit of hashcash after the first N (say 16). That'd be handy for people who keep getting caught by the filters for reasons beyond their control - it gives them a "get out of jail" card, cheap for low-volume mail, expensive for bulk.

--------------------------------------------------------------
from:     Jonathan "Chromatix" Morton
mail:     chromi(_at_)chromatix(_dot_)demon(_dot_)co(_dot_)uk
website:  http://www.chromatix.uklinux.net/
tagline:  The key to knowledge is not to rely on people to teach you it.


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>