Payments as an answer to spam

Pete Chown Pete.Chown at skygate.co.uk
Wed May 14 05:29:22 EDT 2003


Joseph Ashwood wrote:

> The spammers will now send out duplicate checks in their
> batches; why? simple because most of the messages will reach the inbox
> before the check is cashed ...

Purely technical anti-spam solutions are ideal, but solutions that push 
up the potential penalties for spammers are useful too.  In many 
jurisdictions, wilfully writing a million bad cheques could mean prison.

On a similar note, I've been wondering whether there could be a protocol 
which allows an MTA to indicate whether or not it is permissible to send 
it spam.  If the MTA indicates that it is not permissible, and spam is 
sent anyway, the sender could commit the unauthorised access offence. 
This would normally be s.1 of the Computer Misuse Act 1990 in the UK, 
which carries up to six months imprisonment and a £5000 fine (per email, 
technically).  If the spam is illegal, such a "pump and dump" stock 
scam, the maximum penalty goes up to five years and an unlimited fine.

The use of open relays makes this type of protocol difficult, but one 
approach might be to add a new type of record to the DNS.  This would be 
called POLICY and would be inserted at the same level as the MX records. 
  It would carry a string parameter, which would be a URL.  The URL 
would point to a file which would describe in machine readable form the 
types of email which are acceptable at the corresponding host.  The 
sender then indicates acceptance of the policy by adding a "Policy:" 
header to the email, whose parameter is a hash of the file found at the 
policy URL.

The recipient will receive two types of mail, some of which confirm 
acceptance of the policy, and some of which do not.  This fact can be 
used in any way he chooses.  He could reject messages which do not 
accept the policy, or he could lower a spam score for those which do.

-- 
Pete


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list