[Cryptography] Email and IM are ideal candidates for mix networks

Jerry Leichter leichter at lrw.com
Mon Aug 26 10:54:17 EDT 2013


On Aug 26, 2013, at 10:14 AM, Perry E. Metzger <perry at piermont.com> wrote:

> On Mon, 26 Aug 2013 06:47:49 +0100 Richard Clayton
> <richard at highwayman.com> wrote:
>> If you run your own email system then you'll rapidly find out what
>> 2013's spam / malware problem looks like.
> 
> This is slightly off topic, but...
> 
> As it happens, I run my own email system (and run email for a few
> other people at the same time.) My email address is also very very
> widely published, so I'm on virtually every spam list in existence.
> Thus, I'm reasonably qualified to speak on this.
> 
> Things work pretty well, and I spend essentially no time on
> required maintenance....

This is my experience as well.

My primary email address is actually served by a small ISP whose spam filter I don't trust - too many false positives.  Actually, I have yet to see a spam filter I *do* trust.  So I've configured my account at the ISP to mark what it thinks is spam in the subject line but then pass it through.  My primary spam filtering is from Mail.app - but I manually check everything in my Junk mailbox before tossing it.  I see every message it thinks is spam, everything my ISP thinks is spam, and everything they think is ham as well.  (Mail.app has no idea what the ISP's "Spam" marking means, but presumably adds it as an element in its own decisions.)

Like Perry's, my email address has been the same for a while (25 years or so, in my case - it was initially delivered via UUCP) and has been widely distributed.

My experience is that Mail.app's junk filtering is rather good, producing a small number of false positives and negatives.  My ISP's filtering is considerably worse.  Reviewing my junk mail is no big deal.

Way back when, I used to get an overwhelming amount of spam.  Looking at it, the cause became clear:  I own lrw.com, and have the only mailbox there.  I had set it up to forward mail sent to any user at lrw.com to me.  I never got anything useful that way - but I got *tons* of spam.  Simply black-holing anything not sent specifically to leichter at lrw.com cut the load *way* down.

Keep in mind that one of the starting points of this discussion was how to implement mail that was proof against PRISM-like bulk monitoring.  That rules out solutions in which a central server has access to the cleartext of your mail to do spam scanning anyway.

If people were willing to send definite spam to a central server, and accept consensus updates to their spam filter in response, there's no reason why the same algorithms that the big guys currently run couldn't be combined with local scanning.  (At least you could safely send examples of spam.  Sending ham is more problematic.  And one could speculate about the kinds of attacks that targeted spam, together with monitoring of when it gets noticed and sent back to the service, could enable.)

                                                        -- Jerry


