[108121] in Cypherpunks
CDR: Re: Idea to eliminate most spam on mailing lists [CP]
daemon@ATHENA.MIT.EDU (Jim Choate)
Fri Feb 5 08:31:29 1999
From: Jim Choate <ravage@einstein.ssz.com>
To: cypherpunks@einstein.ssz.com
Date: Fri, 5 Feb 1999 07:20:46 -0600 (CST)
Reply-To: Jim Choate <ravage@einstein.ssz.com>
>Date: Fri, 05 Feb 1999 09:39:18 +0100
>From: Tom Vogt <tv@wlwonline.de>
>Subject: Re: CDR: Re: Idea to eliminate most spam on mailing lists [CP] (fwd)
>> So, where does the key come from?
>from the sub-scriber, in my model. I would sub-scribe to cypherpunks by
>sending to it (some dashes added so majordomo doesn't think this is a
>control message :) ):
>or something like that. if the list allows posting of outside messages,
>you would leave the sub-scribe part out and just send your key in order
>to "make it known" to the server. you can do that anonymously.
That isn't a key, that's a passphrase (even if you generate it with PGP)
because there isn't any mechanism to deal with duplicates and such. The exact
same mechanism can be implimented now by simply using the subscribers source
address and telling foo.config to not accept any submissions from outside the
list. Crypto does not equal security.
You can do that anonymously only so long as you're using an anonymous
remailer. Simply sending mail to a majordomo control address is no guarantee
of anonymity.
>> In the first case it becomes economicaly worth
>> the spammers time to vacuum all the public key servers.
>what would that gain a spammer? my public key is exactly that - public.
>I don't see how a spammer can profit from knowing it.
Access to a new potential market - MONEY.
>what a spammer would have to do to post spam on mailing lists would be:
>1. generate a new pgp key
>2. make it known to the listserver (see above)
>3. post spam
>that's two more steps than usual.
So what? You seriously think that if this was large enough the spammers
wouldn't figure out how to submit a key (PGP or otherwise) to gain access
to the list? Hell, a new CD business would boom over this one. Not only
would you get lists of millions of valid email addresses but now they could
sell lists of thousands of mailing lists and associated passphrases.
I'd give this thing a window of about a week for stopping spam.
____________________________________________________________________
There is a coherent plan in the universe, though
I don't know what it's a plan for.
Fred Hoyle
The Armadillo Group ,::////;::-. James Choate
Austin, Tx /:'///// ``::>/|/ ravage@ssz.com
www.ssz.com .', |||| `/( e\ 512-451-7087
-====~~mm-'`-```-mm --'-
--------------------------------------------------------------------
