Monday, March 29, 2004

Open source approach to spam prevention by "postage" -- looks very promising (MIT Technology review)

A Better Way To Squelch Spam?
... The idea of fighting spam on an economic basis using some form of postage has been discussed since 1992. This technique is known as sender-pays because it forces the sender to incur some cost before sending a message. Sender-pays systems can employ one of two different types of postage: money stamps, such as what Gates has proposed, or proof-of-work stamps.

Money stamps are a kind of electronic micropayment. Since the dawn of the Internet era, dozens of micropayment schemes have been proposed. Building the centralized infrastructure required for a worldwide micropayment system is a daunting challenge, however. Not surprisingly, none of these systems has taken off. And there is no reason to believe that value-bearing e-postage would fare any better than its predecessors.

Money stamps raise other significant issues: Who redeems the stamp? Who has taxing authority on the income? Who bears legal liability for erroneous or absent stamp validation? Who controls access to your mailbox and for how big a stamp? These questions make it clear why we and many others distrust money stamps as a solution to spam.

A proof-of-work stamp—or “work stamp”—is a mathematical puzzle that is hard to solve and has a solution that is easy to verify. Another important property of this puzzle is that it has no cheats—that is, there is no way to solve the puzzle by a shortcut.

The major impediment to adoption of any form of sender-pays has been the apparent requirement for wholesale changes to the e-mail system. The Camram (Campaign for real mail) open-source project has developed a hybrid system that solves the problems of classical sender-pays and provides a clear path to incremental adoption. Avoiding problematic money stamps and using proof-of-work stamps, Camram deters spam while maintaining decentralized operation.

The cheat-proof puzzle used by the Camram project is called “hashcash." The details of hashcash are complex, but here's a quick explanation. Hashcash uses a seed value consisting of date, e-mail address, and a random number. This seed is fed to a mathematical function called a "hash." The function performs a calculation based on the input. If the first N bits of the returned number are 0, then the input value is the stamp. Otherwise the input value is incremented by one and the process is repeated until the result is a valid stamp (0 bits in the first N places)....

...The Camram project has learned that the most effective anti-spam cocktail contains at minimum three filters: a stamp filter, a smart "white list," and a content filter. The white list is a roster of those with whom you exchange e-mail; it is used to let this friendly mail in unchallenged. The content filter looks at the content of the message and makes a probabilistic assessment as to whether the message is spam. Taken together, these three measures implement the principle of “strangers pay, friends fly free.” In other words, strangers who stamp their mail, and friends with whom you regularly communicate, have easy access to your inbox. All others go through the content filter.

Sounds great, what I like best though is the cocktail approach. When I espoused that 2 years ago (with sending service authentication) no-one seemed to "get it" (except Jon Udell, who understood immediately). Glad to see that becoming common wisdom!

No comments: