At 6:27 AM +0100 2003/09/14, Jonathan Morton wrote:
Actually, let's step back a bit.
'k
Suppose we implement a "postage required" callback to promote
awareness in the early stages. What happens when one of these
callbacks hits a listserv that doesn't know about it? AFAIK,
most listservs will probably interpret it as a bounce, which
is probably counterproductive.
Indeed. We need to be careful about the SMTP Response Codes that
we issue on a hashcash-enabled MTA.
Also, what's the best way to combine hashcash and authentication?
On a hashcash-enabled MTA, we accept a hashcash-stamped message
on the first try and 4xx tempfail others? Maybe we also require a
minimum waiting period before we accept a non hashcash-stamped
message?
Not forgetting, of course, that we still need to have lots of
backwards compatibility that can (very gradually) be phased out.
Indeed.
It would be nice to be able to avoid hashcash for initial
communications in certain situations, because that lets some of
the low-end users off the hook, but that has to be watertight.
I think you could do this on a per-interface, or at least a
per-source network basis -- your "local" clients don't need hashcash
to get you to accept the message. Or maybe a client that
successfully uses SMTPAUTH and/or TLSSMTP doesn't need hashcash?
Finally, as an interim solution, can hashcash be effectively used
as a filtering modifier?
Probably. Is hashcash hard to calculate and easy to verify?
Take SpamAssassin, for example, you
could subtract a point from the spam score, for every bit of
hashcash after the first N (say 16). That'd be handy for people
who keep getting caught by the filters for reasons beyond their
control - it gives them a "get out of jail" card, cheap for
low-volume mail, expensive for bulk.
That sounds like an interesting first-pass, yes. Of course, this
would have to be integrated into the default version of SpamAssassin
that everyone installs (and other filtering agents), in order for
something like this to be of value. Otherwise, you're calculating
this stuff and stamping your messages with it for nothing.
--
Brad Knowles, <brad(_dot_)knowles(_at_)skynet(_dot_)be>
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, Historical Review of Pennsylvania.
GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+
!w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg