A. Pagaltzis wrote:
* Daniel Lawson <daniel(a)meta.net.nz> [2004-05-30 16:09]:
I'm all in favour of technical solutions that will make this harder for spammers, but I'm not sure SPF is going to help a hell of a lot. That said, I don't have a better answer.
Have you (or anyone else) seen CAMRAM[1] or Hashcash[2]? These might actually help.
Hashcash is useful when it acheives a certain level of penetration. Until then it's not really useful - one of the authors says except 10 years before you can use it to filter mail reliably!. It seems like a good idea, but I don't know how well it will work. My understanding is that it is an MTA-side addon that slows the sender down. It protects me slightly against an infected internal machine sending zillions of spam - or maybe it just renders my MTA unusable while it deals with the processing load. Or, the trojan/worm has it's own SMTP engine and bypasses my MTA completely, and I get no protection from that anyway. If lots of remote MTAs also have it enabled, it might start being useful. Or you might find that spammers just increase their bot network and you end up with more MTAs crawling to a halt as they get hit with a ten or hundred fold increase in spam rates, and have to perform these hash calculations on every connection - tying up CPU, memory, file descriptors, and so on. My thoughts, after a 10 minute perusal of hashcash :)