From: "Patrick J. LoPresti" <patl@curl.com>
Subject: Re: [ANNOUNCE] contrib/hashcash.el spam fighter
Date: 29 Jun 2002 20:07:14 -0400 [thread overview]
Message-ID: <s5gbs9t8w99.fsf@egghead.curl.com> (raw)
In-Reply-To: <mit.lcs.mail.ding/02Jun28.172137edt.119392@gateway.intersystems.com>
Stainless Steel Rat <ratinox@peorth.gweep.net> writes:
> * "Patrick J. LoPresti" <patl@curl.com> on Fri, 28 Jun 2002
> | Right, so you have to try them all. Checking the validity of a coin
> | is "fast", so this is OK, in theory.
>
> Not even in theory. It is a linear problem, and linear problems do not
> scale.
Sure, it is linear in the number of recipients times the number of
addresses you have. But this product for a typical message is not
increasing over time, so there is no scalability problem.
> [...]
>
> | Then again, it is not disastrous if you miss a message.
>
> And if that lost message is the job offer I am expecting?
Do you usually have job offers BCC'd to you? :-)
You are correct that you cannot combine BCC's with X-Hashcash without
risking the privacy of the BCC. (All someone else has to do is guess
that you were a recipient, then check the X-Hashcash header to confirm
it.) So BCC'd messages would have to go into your "has no X-Hashcash
header" folder for later perusal. You will need such a folder anyway
as long as you have correspondents who are not using X-Hashcash.
> -Anything- that causes loss of legitimate mail is BAD. Really bad.
> Unacceptably bad, in my opinion and that of the 350 employees in my
> company who expect mail not to be lost.
Tagging mail as potential spam, then perusing it later, is not
"losing" it. In fact it is precisely how many (perhaps most) existing
spam-filtering implementations work.
> That is 1.8 million hashes per hour.
>
> All those hashes being dumped into your spent coin database. And five
> thousand Sub7 variant infections is a very conservative number.
You do not record invalid coins as "spent", because you can always
recognize them as being invalid. Only valid coins need to be
remembered, and creating even a single valid coin is computationally
expensive. How expensive is up to the recipient to choose.
> Do you begin to see the vulnerabilities in X-Hashcash?
I have yet to see you present any. Yes, it does not combine well with
BCC. But so far, that is the only correct argument you have made...
- Pat
next prev parent reply other threads:[~2002-06-30 0:07 UTC|newest]
Thread overview: 56+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-06-22 12:55 Simon Josefsson
2002-06-23 2:40 ` David Masterson
2002-06-23 4:39 ` Stainless Steel Rat
2002-06-23 5:12 ` David Masterson
2002-06-23 13:50 ` Stainless Steel Rat
2002-06-23 14:36 ` Simon Josefsson
2002-06-23 15:20 ` Stainless Steel Rat
2002-06-23 17:59 ` Simon Josefsson
2002-06-23 21:34 ` Stainless Steel Rat
2002-06-24 5:41 ` David Masterson
2002-06-24 8:20 ` Kai Großjohann
2002-06-24 12:06 ` Simon Josefsson
2002-06-24 16:05 ` Stainless Steel Rat
2002-06-24 16:41 ` Simon Josefsson
2002-06-24 19:26 ` Stainless Steel Rat
2002-06-24 21:14 ` Simon Josefsson
2002-06-25 1:55 ` Stainless Steel Rat
2002-06-25 2:15 ` Stainless Steel Rat
2002-06-25 8:56 ` Simon Josefsson
2002-06-25 14:54 ` Stainless Steel Rat
[not found] ` <mit.lcs.mail.ding/02Jun25.104630edt.119271@gateway.intersystems.com>
2002-06-28 14:48 ` Patrick J. LoPresti
2002-06-28 16:30 ` Stainless Steel Rat
[not found] ` <mit.lcs.mail.ding/02Jun28.122222edt.119118@gateway.intersystems.com>
2002-06-28 20:25 ` Patrick J. LoPresti
2002-06-28 21:30 ` Stainless Steel Rat
2002-06-28 23:03 ` Simon Josefsson
2002-06-29 0:41 ` Stainless Steel Rat
2002-06-29 11:46 ` Simon Josefsson
2002-06-29 13:56 ` Stainless Steel Rat
[not found] ` <m2u1nmti0u.fsf@tnuctip.rychter.com>
2002-06-29 14:05 ` Stainless Steel Rat
[not found] ` <mit.lcs.mail.ding/m3bs9uxjsh.fsf@peorth.gweep.net>
2002-06-30 0:20 ` Patrick J. LoPresti
2002-06-30 7:23 ` Stainless Steel Rat
[not found] ` <mit.lcs.mail.ding/02Jun28.172137edt.119392@gateway.intersystems.com>
2002-06-30 0:07 ` Patrick J. LoPresti [this message]
2002-06-30 7:48 ` Stainless Steel Rat
2002-07-01 6:37 ` Steinar Bang
2002-07-01 15:20 ` Stainless Steel Rat
2002-07-01 17:22 ` Steinar Bang
2002-07-01 18:37 ` Stainless Steel Rat
2002-07-02 10:43 ` Steinar Bang
2002-07-02 15:33 ` Stainless Steel Rat
2002-07-02 18:23 ` Simon Josefsson
2002-07-02 18:28 ` Karl Kleinpaste
2002-07-02 18:50 ` Simon Josefsson
2002-07-05 22:14 ` Kevin Ryde
2002-07-06 11:11 ` Henrik Enberg
2002-07-07 18:40 ` Simon Josefsson
2002-07-02 18:57 ` Steinar Bang
2002-07-02 21:09 ` Stainless Steel Rat
2002-07-03 11:45 ` Steinar Bang
2002-07-03 12:35 ` Oystein Viggen
2002-07-03 14:49 ` Stainless Steel Rat
2002-06-25 6:57 ` undo mail catchup w .snapshot .[mumble]rc ? Yeoh Yiu
2002-06-26 19:33 ` Paul Jarc
2002-06-28 4:51 ` Yeoh Yiu
2002-06-23 14:36 ` [ANNOUNCE] contrib/hashcash.el spam fighter Mark Milhollan
2002-06-23 10:54 ` Simon Josefsson
2002-06-24 18:22 ` Jason R. Mastaler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=s5gbs9t8w99.fsf@egghead.curl.com \
--to=patl@curl.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).