[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: hashcash spam prevention & firewalls




On Sat, 13 Dec 1997, Adam Back wrote:

[...]
> (Hashcash is a way of proving that the sender has consumed a tunable
> amount of CPU time.  The verification process consumes negligible CPU
> time.  This allows us to require the would be spammer to spend say 20
> seconds per mail, which will slow him down considerably, over his
> current tactics of 1000 long Bcc lists allowing him to hand off
> spamming tasks to mail servers.)
[...]

Sounds like a headache to me: people use wildly different machines to
handle their e-mail. Some places use 25 MHz '486 machines, others use
300 MHz Pentium-IIs, a difference of 1-2 orders of magnitude? Collision
search is also easy to parallelize over a network, so the load can be
shared using, say, 50 Pentium-II 300MHz PCs, costing less than $100,000
(we don't need lots of disk or memory, just a fast CPU). Here's at least
three orders of magnitude for you.

The '486 may be used by a school, while the 50 Pentium-II machines
are owned by Spamford W., Esq. Now we're faced with a dilemma: we either
limit the school's outgoing e-mail capacity severely, or Spamford will
keep on sending spam. For every thousand messages the school sends
Spamford can send a million. 

The risk: starting a CPU arms race.

Ge'


Ge' Weijers                                Voice: (614)326 4600
Progressive Systems, Inc.                    FAX: (614)326 4601
2000 West Henderson Rd. Suite 400
Columbus, OH 43220  	     http://www.Progressive-Systems.com