Payments as an answer to spam
Pete Chown
Pete.Chown at skygate.co.uk
Wed May 14 05:29:22 EDT 2003
Joseph Ashwood wrote:
> The spammers will now send out duplicate checks in their
> batches; why? simple because most of the messages will reach the inbox
> before the check is cashed ...
Purely technical anti-spam solutions are ideal, but solutions that push
up the potential penalties for spammers are useful too. In many
jurisdictions, wilfully writing a million bad cheques could mean prison.
On a similar note, I've been wondering whether there could be a protocol
which allows an MTA to indicate whether or not it is permissible to send
it spam. If the MTA indicates that it is not permissible, and spam is
sent anyway, the sender could commit the unauthorised access offence.
This would normally be s.1 of the Computer Misuse Act 1990 in the UK,
which carries up to six months imprisonment and a £5000 fine (per email,
technically). If the spam is illegal, such a "pump and dump" stock
scam, the maximum penalty goes up to five years and an unlimited fine.
The use of open relays makes this type of protocol difficult, but one
approach might be to add a new type of record to the DNS. This would be
called POLICY and would be inserted at the same level as the MX records.
It would carry a string parameter, which would be a URL. The URL
would point to a file which would describe in machine readable form the
types of email which are acceptable at the corresponding host. The
sender then indicates acceptance of the policy by adding a "Policy:"
header to the email, whose parameter is a hash of the file found at the
policy URL.
The recipient will receive two types of mail, some of which confirm
acceptance of the policy, and some of which do not. This fact can be
used in any way he chooses. He could reject messages which do not
accept the policy, or he could lower a spam score for those which do.
--
Pete
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list