Re: Hashcash - was re: Spam fights

[Russell Coker <russell@coker.com.au>]

On Fri, 11 Jun 2004 23:43, shadur@systemec.nl (Rens Houben) wrote:
> In other news for Fri, Jun 11, 2004 at 11:24:05PM +1000, Russell Coker has 
been seen typing:
> > Besides, with an army of Windows Zombies you could generate those
> > signatures anyway...
>
> Why bother, when said windows machines will have perfectly good
> signatures stored on them somewhere already?

Presumably the signature would be based on the envelope recipient and 
therefore signatures you find on someone else's machine would not do any 
good.  If it was otherwise then a single signature would work for an entire 
spam run.

I am assuming that the sending machine would not store the signatures for 
messages it sent, which could be re-used if the spam messages were to have an 
ancient time-stamp.  However this still wouldn't be of any great use, not 
many people have more than 10,000 messages stored in their sent-mail folder 
and the common case is far less.  Capturing a lot of zombies to generate 
signatures would probably be easier than trying to find a machine that had a 
large sent-mail folder.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page