[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Hashcash - was re: Spam fights

>>>>> "Daniel" == Daniel Pittman <daniel@rimspace.net> writes:

Daniel> On 16 Jun 2004, Hubert Chan wrote:

>> SpamAssassin will check for hashcash in the future. Support is
>> already present in the development version of SpamAssassin.

Daniel> ...makes you wonder how long it will take before someone does
Daniel> generate the headers in SPAM, then.  Being in SpamAssassin seems
Daniel> to be a trigger point for a whole lot of things to be worth
Daniel> avoiding/abusing for spammers - the silly haiku header thing
Daniel> being one example.

Well SpamAssassin, AFAIK, will do proper hashcash checking, including
the double-spend database.  It won't assign any extra credit to bogus
hashcash headers (probably eventually will even increase spamicity for
those emails).  It also won't credit tiny hashcash tokens (I think the
minimum is 20 bits).  So spammers would have to generate real hashcash
tokens in order to get any effect from SpamAssassin.  Other than using
zombies, I don't think spammers could afford to generate real tokens
for every recipient.

Hubert Chan <hubert@uhoreg.ca> - http://www.uhoreg.ca/
PGP/GnuPG key: 1024D/124B61FA
Fingerprint: 96C5 012F 5F74 A5F7 1FF7  5291 AF29 C719 124B 61FA
Key available at wwwkeys.pgp.net.   Encrypted e-mail preferred.

Reply to: