Richard Clayton wrote:
In article
<03A0F711-A929-11D8-B336-000393863768(_at_)chromatix(_dot_)demon(_dot_)co(_dot_)uk>,
Jonathan Morton <chromi(_at_)chromatix(_dot_)demon(_dot_)co(_dot_)uk> writes
That leaves one big category: Web Mail. The likes of Hotmail and
Yahoo don't charge for sending e-mail from their systems, except
perhaps in terms of banner ads. They also handle ginormous amounts of
said mail, which could make a proof-of-work switch-on relatively
difficult for them. However, most of their clients are low-end home
users, who, on average, may have relatively favourable contact
patterns. For this, we could do with more statistics.
Goodman & Rounthwaite have an interesting paper on using Captchas to
limit webmail usage (one conclusion is that you need quite a number of
them). It was presented at EC'04 yesterday, but the link on Joshua's
home page is not currently working -- I expect he'll fix it when he gets
home :(
In addition to the favorable contact patterns, webmail providers have other
options (that are not particularly restricted to webmail providers):
1. Ask/require their customers to download a small applet that would do the
work on the client machine (obviously doesn't work when the client is
something like an underpowered cell phone with WAP access)
2. Tell customers that mail delivery may be delayed unless they pay for
service while the provider does the proof-of-work as cycles are available
3. Rate-limit customers both by login ID and by client host address or other
identifying info
If proof-of-work were implemented and demanded on a large (Internet) scale,
I don't think webmail providers would suffer as much as they would appear to
on the surface.
I'd also like to note that any of these methods could be used by webmail
providers to limit spam sent through their systems regardless of any
receiving-end demand for proof-of-work.
Philip Miller
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg