[108117] in Cypherpunks
Re: CDR: Re: Idea to eliminate most spam on mailing lists [CP] (fwd)
daemon@ATHENA.MIT.EDU (Tom Vogt)
Fri Feb 5 03:52:35 1999
Date: Fri, 05 Feb 1999 09:39:18 +0100
From: Tom Vogt <tv@wlwonline.de>
To: Jim Choate <ravage@einstein.ssz.com>
CC: cypherpunks@einstein.ssz.com
Reply-To: Tom Vogt <tv@wlwonline.de>
Jim Choate wrote:
> actually, requiring all postings to be signed by a valid (see below) key
> would be enough. that would a) eliminate most spam because of the
> cost/effort ratio, b) authenticate messages while allowing for anonymity
> (only your key would be known, so one would know which person wrote
> which mails, but nothing about that person) and c) be even easier for
> most people - a lot of mail clients already allow an option to
> automatically sign all mails or some mails (like all going to
> cypherpunks@cyberpass.net). it would also c) not require the publication
> of a private key.
>
> "valid" in this context would most likely mean that the majordomo knows
> the key. this would require adding key-handling functionality to
> majordomo, probably a new command saying "key follows".
>
> ----- End of forwarded message from Tom Vogt -----
>
> So, where does the key come from?
from the sub-scriber, in my model. I would subscribe to cypherpunks by
sending to it (some dashes added so majordomo doesn't think this is a
control message :) ):
sub-scribe cypherpunks
key follows
---- PGP Public Key Block ----
[...]
or something like that. if the list allows posting of outside messages,
you would leave the sub-scribe part out and just send your key in order
to "make it known" to the server. you can do that anonymously.
> In the first case it becomes economicaly worth
> the spammers time to vacuum all the public key servers.
what would that gain a spammer? my public key is exactly that - public.
I don't see how a spammer can profit from knowing it.
what a spammer would have to do to post spam on mailing lists would be:
1. generate a new pgp key
2. make it known to the listserver (see above)
3. post spam
that's two more steps than usual.
