I'm in the Security Group of the Computer Laboratory at the University
of Cambridge. Ben Laurie (yes, that Ben Laurie) and I have recently
been doing some sums on proof-of-work / client puzzles / hashcash
methods of imposing economic constraints upon the sending of spam...
Ben wanted to know how big a proof was needed for a practical scheme
he was considering -- and I told him it wasn't going to work. We then
carefully worked through all the calculations, using the best data
that we could obtain -- and we did indeed come to the conclusion that
proof-of-work is not a viable proposal :(
That's a very interesting paper, thank you. I wonder, however, what
the distribution curves are like when "regular correspondents" are
exempted from proof-of-work, not just mailing lists. Would it be
possible to re-examine the MTA logs for this type of pattern?
By "regular correspondents" I mean people who know each other well
enough to send mail regularly, not necessarily frequently - even once a
week over a period of months. I ask this because I expect that users
with slow machines - who would otherwise be the group most
inconvenienced by proof-of-work schemes - send mail that mostly falls
into this category. I don't know, however, how much of the overall
picture is accounted for by these.
For future work, it might be instructive to identify various non-spam
use-cases which appear to have a high proof-of-work load - ie. on the
"long tail" of the distribution curves presented - and consider
practical ways of relieving or accommodating it.
--------------------------------------------------------------
from: Jonathan "Chromatix" Morton
mail: chromi(_at_)chromatix(_dot_)demon(_dot_)co(_dot_)uk
website: http://www.chromatix.uklinux.net/
tagline: The key to knowledge is not to rely on people to teach you it.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg