ietf-asrg
[Top] [All Lists]

Re: 8a. Evaluation Model - Proposed Changes to Tech. Cons. Document (was Re: [Asrg] Proposed addition to draft-crocker-spam-techconsider-02.txt)

2003-11-17 08:35:19
At 10:12 AM 11/14/2003, Yakov Shafranovich wrote:
Eric S. Raymond wrote:
--- draft-crocker-spam-techconsider-02.txt      2003/11/14 16:37:39     1.1
+++ draft-crocker-spam-techconsider-02.txt      2003/11/14 16:52:25
@@ -566,6 +566,19 @@
      is also not clear who should receive the fees or how
      they should be disbursed.

+     Another possible form of sender-pays is to impose costs
+     at mail-transaction time without trying to clear them as
+     payments in the real world -- so-called "hash-cash" schemes.
+ The purpose of such techniques is not to compensate the + receiver for reading spam but to impose a friction cost on
+     spammers, ideally one that would make bulk-mail prohibitively
+     expensive. Hash-cash schemes rely on the existence of
+     challenge-response methods in which the response is provably
+     expensive to compute.  A difficulty with them is that their
+ effectiveness could be diluted or eliminated by techniques + such as zombie-flood spamming attacks in which the spammer
+     essentially does not care about the amount of time any one
+     hijacked machine has to spend shipping a spam.

I forwarded the comments to Dave Crocker. However, my question is whether we should add a comment here about the fact that spammers can build specialized computers to do hashcash calculations and then perhaps rent it out to other spammers to use. That possibility has been mentioned on the list before. Even though it increases their costs, that increase might not be enough to make spam not profitable.

This has been addressed in various places before (not in ASRG archives?). http://www.camram.org/camram_works.html addresses it. There are answers to this problem that involve developing a mix of resource commitments and not just SHA1.

Mark


Yakov


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg