[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] 6. Proposals - Computational - MSFT's "Penny Black"

To: asrg@ietf.org
Subject: Re: [Asrg] 6. Proposals - Computational - MSFT's "Penny Black"
From: Thomas Harold <tgh@tgharold.com>
Date: Fri, 26 Dec 2003 23:21:09 -0500
In-reply-to: <5.1.0.14.2.20031226202057.04979db8@mail.1s.com>
List-archive: <https://www1.ietf.org/mail-archive/working-groups/asrg/>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=unsubscribe>
References: <002401c3cc05$73f5d7a0$e9b60f18@DCMSX411> <6.0.1.1.0.20031226091431.05aac280@mail.comcast.net> <5.1.0.14.2.20031226122103.06d41d28@mail.1s.com> <002401c3cc05$73f5d7a0$e9b60f18@DCMSX411> <5.1.0.14.2.20031226202057.04979db8@mail.1s.com>
Sender: asrg-admin@ietf.org
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6b) Gecko/20031205 Thunderbird/0.4

Art Pollard wrote:

HashCash / Penny Black proposals suffer from one flaw that I see... they
assume that there is no legitimate reason for a low-budget organization
to send high volumes of e-mail.  Driving up the costs for spammers also
drives up the costs for things like public mailing list servers.
<SNIP>
It's still an interesting idea, but I'm not sure that it's practical in
the real-world.
Well, it could be combined with a whitelist. Basically, the first message (the subscribe message) could be HashCash/Penny Blacked. Then the subscriber would add them to a whitelist. If the user failed to do so after a couple of days, a warning message could be sent out and if the person again didn't whitelist the mailing list, the mailing list could unsubscribe them.

Not too bad really.

-Art

That thought also crossed my mind, where only untrusted domains would be required to Hash Cash / Penny Black (either through a whitelist or domains that don't have reverse-MX information). Which makes it a bit more like the real-world concept of "friends are always welcome, strangers have to show multiple forms of ID before they get past the front door". A targeted system would make it more palatable as you're only requiring strangers to do the calculation (or any system that doesn't seem quite on the up-and-up).

However, it's difficult to currently identify "friends", so any sort of targeted Hash Cash / Penny Black solution requires other things to be in place first. (Reverse MX systems, mail servers that sign outbound mail with a private key that matches the public key in the DNS, etc.)

Seems a shame to waste all those CPU cycles though... pity they couldn't be turned into encryption cycles of the actual message content.

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

Follow-Ups:
- Re: [Asrg] 6. Proposals - Computational - MSFT's "Penny Black"
  - From: david nicol

References:
- Re: [Asrg] Microsoft publicly announces Penny Black PoW postage project
  - From: Vinny
- [Asrg] Microsoft publicly announces Penny Black PoW postage project
  - From: Steve Schear
- Re: [Asrg] Microsoft publicly announces Penny Black PoW postage project
  - From: Art Pollard

Prev by Date: Re: [Asrg] 6. Proposals - Computational - MSFT's "Penny Black"
Next by Date: Re: [Asrg] Microsoft publicly announces Penny Black PoW postageproject
Previous by thread: Re: [Asrg] 6. Proposals - Computational - MSFT's "Penny Black"
Next by thread: Re: [Asrg] 6. Proposals - Computational - MSFT's "Penny Black"
Index(es):
- Date
- Thread