ietf
[Top] [All Lists]

Re: Why spam is a problem.

2002-08-15 11:23:29
kent(_at_)songbird(_dot_)com writes:

search on "hashcash" on google?

Right.  Something along these lines, but with a challenge system that
would make double-spending moot and pre-computing useless.  If I
understand the system correctly, the hashcash system as it is now
appears to be vulnerable to attacks that involve pre-computing things
(and, e.g., shipping them on the same CD as the rest of the spammer's
kit).  Not that these are hard to address if there's a protocol
negotiation involved (and it is involved anyway).

The solution that I mention doesn't involve keeping any databases of
old tokens.  (In the case of spam, they're mostly useless as you could
use the same token with multiple servers.)  Note that it would have to
work on SMTP level rather than on the header-insertion level as
hashcash -- you *want* to have a challenge-response system.

-- 
Stanislav Shalunov              http://www.internet2.edu/~shalunov/

Sex is the mathematics urge sublimated.                 -- M. C. Reed.



<Prev in Thread] Current Thread [Next in Thread>