Impoverish a Spammer Today 343
esj at harvee writes "Recently the Camram project released its latest version of a hybrid sender-pays anti-spam system. The project has proven that sender-pays works and has demonstrated how to make it work with existing e-mail systems. Camram has developed hybrid sender-pays techniques that scale down to the desktop and up to the enterprise. It's a completely decentralized system that can put spam-fighting power in the hands of individuals. It gives you control of not only the current generation of spam, but also any future commercial spam -- why replace Viagra ads from a scam artist with Viagra ads from Pfizer?"
Re:Two Words (Score:5, Informative)
The technology is a hybrid solution to avoid the problem of universal adoption... a nice side-effect of this is you don't demand stamps from your white-list.
I have to say, I think it's quite an interesting combination of concepts, but still requires mass adoption to be useful.
Re:The problem is... (Score:5, Informative)
I will save you one step... (Score:5, Informative)
There is no problem here. (Score:5, Informative)
Yes, some people who run email lists out of their account will be inconvenienced, but not as much as they claim. They will just need to change the signup message to say "this is a mailing list that you signed up for, so add us to your whitelist because we will not be performing proof of work challenges and will drop you from the list when the first proof of work request arrives."
Some will claim that the hordes of spam zombies out there will be able to do the work on the spammer's behalf so this is not a solution, but it will at least provide some rate limiting for that zombie and it will also make it much more likely that the zombie will be noticed by the user when it starts to chew up CPU cycles.
Re:E-postage is not the answer... (Score:4, Informative)
So as long as you're not sending out several thousand messages to new and different recepients on a daily basis, you needn't really worry.
Most of your questions are raised here... (Score:2, Informative)
A system such as sender-pays, which proposes a radical change in the email environment, inevitably generates objections. This is positive because it helps identify the strengths and weaknesses of the system. However, once objections have been worked through and the developers have answered the same questions approximately 10^20 times, a listing of Frequently Raised Objections is appropriate.
Isn't universal adoption necessary for a sender-pays system?
For a classic sender-pays system, the answer is yes--any system requiring universal adoption is a non-starter.
Because of this problem, the Camram project (and probably others) expanded the classic sender-pays model to a hybrid sender-pays model. One of the many strong features of the hybrid model for sender-pays is that it solves the problem of universal adoption. This new model provides anti-spam benefits to the very first user, and the benefits increase as you add users. Hybrid sender-pays lets you incrementally introduce an anti-spam device that will take a serious chunk out of the economic foundations of spam.
What kind of attacks are possible against a hybrid sender-pays system?
There are four known attacks on this system. Two of them attack the sender-pays system, one attacks the friend filter (i.e. the white list), and the last attacks the content filter. Content filter attacks are nothing new; we are in the middle of one right now where spammers are trying to bypass Bayesian filters. As the number of stamps increase, the "harshness" of the content filter can increase and eventually the need for content-filtering can go away.
The friend-filter attack comes from the implementation of white lists by name. If you know the content of the white list, then a simple forgery will let you bypass the filters. The trick of course is determining the content of the white list. One longer-term solution is to move to white listing by public key. Unfortunately, as long as there are folks not using the system, there will always be a need for white-listing by name.
Attacks on the sender-pays system involve trying to generate stamps faster. The first is the classic hardware accelerator. The best estimate we have for today is a 500 times speed up over software. There are both hardware and software responses to this attack but both responses effectively devalue the stamp or the means of production, which in turn restores the economic balance. The second attack utilizes zombies as a compute array. But if you run the numbers, you'll find out that the number of zombies known, if run perfectly and full tilt, cannot generate enough stamps for all of the spam in the world today. A tremendous number of stamps would be generated, but not enough for everybody. One benefit of zombies being used to generate stamps is that the machines will become hot, slow, and probably unreliable, all of which will be noticeable to the end-user. With luck, this means some people will get their machines fixed and reduce the zombie issue. Again, if the zombies the start generating stamps, one can always change stamp definitions or value.
How do you deal with large-scale legitimate mail sources (i.e. mailing lists, mail houses, etc.)?
There are two issues here. Mailing lists don't really have a good solution with the first generation of stamps. The traffic mailing lists generate is fundamentally indistinguishable from spammers, therefore whatever hurts spammers will hurt mailing lists. The answer for right now is to not do anything with mailing lists. Let them send unstamped mail and let the user whitelist mailing lists or deal with the trapped message issue manually.
In the future, it will become easier to deal with mailing lists because of the second generation of stamps (opportunistic signatures). If the list is signed with its own stamps, then it would be let through without problem. Spammers would still be barred because their signatures would be ignored.
The second issue is
Re:Hobbiests (Score:3, Informative)
Re:What happens... (Score:5, Informative)
If nothing else, at least it's something, right?
Re:Hobbiests (Score:5, Informative)
READ THE PROPOSAL FIRST PLEASE!
This is not asking you to spend money, it is asking you to perform a proof of work. This is hashcash, not real money.
Re:Two Words (Score:5, Informative)
I'm reading TFA [camram.org] and it states quite clearly "Mailing lists don't really have a good solution"
Read the website! (Score:4, Informative)
Have some (slightly out of date) documentation:
One section [billerica.ma.us]
Another section [billerica.ma.us]
RTF-FRO ! (Score:5, Informative)
If anybody can generate a stamp, what is to stop a spammer from generating stamps?
Nothing. In fact, we want spammers to spend as much time as they can generating stamps because it will undermine their economic foundations. As a spammer generates messages with stamps, people can raise their postage based on the spam. Everyone's rates will increase and it'll only affect the spammer and stranger-to-stranger e-mail. Friend-to-friend e-mail doesn't use work stamps and will be unaffected by any postage increases. "
And....
The second attack utilizes zombies as a compute array. But if you run the numbers, you'll find out that the number of zombies known, if run perfectly and full tilt, cannot generate enough stamps for all of the spam in the world today. A tremendous number of stamps would be generated, but not enough for everybody. One benefit of zombies being used to generate stamps is that the machines will become hot, slow, and probably unreliable, all of which will be noticeable to the end-user. With luck, this means some people will get their machines fixed and reduce the zombie issue. Again, if the zombies the start generating stamps, one can always change stamp definitions or value.
[all emphasis theirs]
It's almost like they anticipated this sort of thing. Or, like, thought out their design beforehand. Crazy concept, no ?
--LordPixie
simple (Score:5, Informative)
postage does not work (Score:1, Informative)
Look at your mail box. All that junk mail was paid with postage. It does nothing to deter them from continually bombarding you with the junk mail.
The only think it does is hurt the little guy. Big advertisers will always pay the price to spam you with junk mail and junk email.
This will just mean the little spammers will be replaced with big spammers. And the company controlling the postage meter will get quite rich. And your email will still contain just as much spam. Only it will be called targeted marketing material that you are interested.
Re:Hobbiests (Score:2, Informative)
There's a better variant (Score:4, Informative)
It's at this page on cpu stamps and challenge response [templetons.com].
Re:Two Words (Score:3, Informative)
Re:The problem is... (Score:5, Informative)
Also, white lists dont deal with the fact that a lot of email is from first time corresponders such as online retail outlets.
Er, if an "online retial outlet" is sending me email I did not sign up for, then that is SPAM and is exactly the thing this is supposed to prevent!.
If you *do* want email from a certain company, and you signed up for it, then you should add that domain/email to your white list. Simple as that.
Comment removed (Score:5, Informative)
Comment removed (Score:5, Informative)
Pay to send, but not with money! (Score:3, Informative)
You might have a point if this scheme involved using money. In this case, however, the "payment" is a proof-of-work [hashcash.org]. The user is paying in CPU cycles "spent" to send the message.
Re:Many Major Flaws (Score:3, Informative)
As for the other comments, you ought to read about camram. camram whitelists by pgp keys, not by sender. Initial messages have both a hashcash stamp and a pgp key. If the hashcash stamp has enough bits, the pgp key gets whitelisted. Spam operations would have to generate a high-value stamp for each recipient. Sure, they could send to the same recipient address twice, but why would they?
Furthermore, any pgp keys that spammers manage to get people to whitelist could be added to a DNSBL-type blacklist. The spammer would then have to generate a new key and generate hashcash stamps for every recipient all over again to get that new key whitelisted. Think RAZOR with a feature that feeds obvious spammers' keys into a dnsbl.
Numerical Assumptions make it succeed or fail (Score:3, Informative)
It's obviously a bad idea to build a system that only lets a reasonable machine send 10 messages per day - probably even 100 per day is too low, depending on your applications. 1000 is usually fine. It turns out that there are calculations that scale based on memory speed rather than CPU speed, so there's a much lower spread between the slowest non-palmtops and the fastest CPUs out there (like 4:1 rather than 20:1). But even if each zombie can send out 10,000 messages/day instead of 10,000,000, that slows them down enough that you can detect them and kill them (or at least blacklist them...)