Re: Avskräckt?

[Niels Möller]

Linus Nordberg <linus@nordberg.se> writes:

> http://www.cl.cam.ac.uk/users/rnc1/proofwork.pdf

Now I've read that article. I didn't really try follow all the
juggling and hand-waving with numbers.

As I understand the conclusions, these are the important points as
they apply to us:

  1. We must be prepared to use challenges that take several minutes
     to solve.

  2. To make things work for legitimate email, one must use a some
     "hybrid system" where hash-cash is used only occasionally for
     legitimate email.

  3. The effectiveness depends on many hard-to-estimate factors, such
     as to number and cpu power of machines "0wned" by spammers.

As for 2., that's exactly what we're doing. For 1., it seems we will
make SMTP transactions take considerably longer time, and that
"smarthost" MTA:s will easily get into trouble if for some reason the
authentication mechanism doesn't work.

Regards,
/Niels