It is a difficult problem and I don't have a magic bullet, but I think
that things can be done. The root of the problem is economic. Spam is
about five or six orders of magnitude cheaper than paper junk mail for
the sender.
No matter how cheap prime numbers are, requiring mail to be signed has a
number of advantages. It imposes some computational costs on the sender
and serves to link together mail so that white lists are more effective.
Another possibility is a "hash cash" scheme which requires the sender to
come up with a token which when HMACed with a canonicalization of the
body and certain fixed headers (including From, To/cc, etc.) results in
a value ending in N zero bits. The idea is to cause a slight delay to
the average user while their software searches for a token when they
send a message but a computational load enough to slow down spammers if
they are required to individually address messages. You could even make
N time dependent to compensate for Moore's law (not Keith, Gordon :-).
These are not new ideas and would have a variety of start up problems
but in combination with appropriate filters and black list services,
they would help out for some time. Ultimately, despite the problems
involved, I think you need to be able to charge people/lists not on your
white list to get your attention.
Donald
======================================================================
Donald E. Eastlake 3rd
dee3(_at_)torque(_dot_)pothole(_dot_)com
155 Beaver Street +1-508-634-2066(h) +1-508-851-8280(w)
Milford, MA 01757 USA
Donald(_dot_)Eastlake(_at_)motorola(_dot_)com
On 13 Aug 2002, Perry E. Metzger wrote:
Date: 13 Aug 2002 17:15:51 -0400
From: Perry E. Metzger <perry(_at_)PIERMONT(_dot_)COM>
To: Franck Martin <franck(_at_)sopac(_dot_)org>
Cc: ietf(_at_)ietf(_dot_)org
Subject: Re: Why spam is a problem.
Franck Martin <franck(_at_)sopac(_dot_)org> writes:
My own little piece part of a solution, is to enable global digital
signature.
For the moment GPG and S/MIME are not living up to their promises because
they are not offering traceability through a global certification
authority system (like DNS). So we come back to an old discussion GLOBAL
PKI with DNS help.
As I've said before: prime numbers are cheap. Anyone can get a
certificate. If we do this, we'll just get certified spam.
The problem isn't tracking down the spammers. Tracking them down is
laughably easy if you are willing to invest the time. I've done it on
a few occasions. The problem is stopping them from putting mail in
people's mailboxes.
Perry
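
The "hash cash" scheme in Donald Eastlake's message above, sketched as an added example that is not part of the original thread. The header set, the canonical form, the use of the token as the HMAC key, SHA-256, and the schedule for a time-dependent N are all assumptions made for illustration.

```python
import hashlib
import hmac
import itertools

# Assumed header set; the message only says "From, To/cc, etc."
FIXED_HEADERS = ("from", "to", "cc")

def canonicalize(headers, body):
    """Assumed canonical form: lowercase names, collapsed whitespace, CRLF body."""
    norm = {k.lower(): " ".join(v.split()) for k, v in headers.items()}
    head = "\r\n".join(f"{h}:{norm.get(h, '')}" for h in FIXED_HEADERS)
    text = "\r\n".join(line.rstrip() for line in body.splitlines())
    return (head + "\r\n\r\n" + text).encode("utf-8")

def trailing_zero_bits(digest):
    value = int.from_bytes(digest, "big")
    if value == 0:
        return len(digest) * 8
    return (value & -value).bit_length() - 1  # index of lowest set bit

def stamp_ok(token, message, n_bits):
    """Receiver side: one HMAC, however long the sender searched."""
    digest = hmac.new(token, message, hashlib.sha256).digest()
    return trailing_zero_bits(digest) >= n_bits

def mint(message, n_bits):
    """Sender side: about 2**n_bits HMACs on average, repeated per recipient."""
    for counter in itertools.count():
        token = counter.to_bytes(8, "big")
        if stamp_ok(token, message, n_bits):
            return token

def required_bits(year, base_year=2002, base_bits=20, months_per_bit=18):
    """Assumed schedule for a time-dependent N: one extra bit every 18 months."""
    return base_bits + ((year - base_year) * 12) // months_per_bit

if __name__ == "__main__":
    # Constructed sample message.
    hdrs = {"From": "alice@example.org", "To": "bob@example.net"}
    msg = canonicalize(hdrs, "Lunch on Friday?\n")
    token = mint(msg, 12)  # small N so the demo finishes quickly
    print(token.hex(), stamp_ok(token, msg, 12))
    hdrs["To"] = "carol@example.net"  # a new recipient needs a new search
    print(stamp_ok(token, canonicalize(hdrs, "Lunch on Friday?\n"), 12))
```

Because the recipient headers are inside the HMAC input, a stamp minted for one addressee does not carry over to another, which is what makes individually addressed bulk mail expensive while verification stays at a single HMAC.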