>> A 24 bit stamp would then cost about 1/1000 of this or about five >> milli-cents. I don't know how this would compare with the other >> expenses >> of a spammer. > > http://www.apache-ssl.org/proofwork.pdf > > Cheers, > > Ben. 1. Reaction to receiving stamped email -------------------------------------- If I received a stamped email that didn't look spammy, I would be inclined to open it and at least read the first few lines (before discovering it was spam) - The fact the spammer has bothered to stamp it means that he has actually added some value to the mail. It would be like receiving a letter with a real stamp on it - You would probably open it, since someone has actually paid to send it to you. Thus increasing the response rate. 2. Spammer direct mailing strategy ---------------------------------- If the spammers know they can only send a certain number of mails per day, then they will need to increase their response rates to maintain their profitability. One thing they will do is become more focussed in their marketing. Just like real-life junk mailers. The junk mailers can't afford to send letters to everyone in the country, but they do have lists which help them target more defined market segments. The combination of these two effects will contribute to the spammer response rates / profitability model. 'Number of mails per day' is not the only variable, there are other effects which should be considered. The SenderID and Hashcash strategies as far as I understand are not intended to eliminate spam completely. They are more about turning 'bad' spammers into 'good' spammers. Minimising spam by making the spammers think twice before sending (because they have to stamp each one), and making them more accountable (because they can't hide behind open relays anymore) A hybrid system (as suggested in Ben Laurie's conclusions) is the only way forward. Each part of the system addresses a different part of the problem, and in total will reduce spam to bearable levels. SenderID + Proof-of-work + 'good spammer' policies. Microsoft's Coordinated Spam Reduction Initiative document discusses the hybrid approach in more detail; http://www.microsoft.com/mscorp/twc/privacy/spam_csri.mspx They make references to Adam's original Hashcash proposals, although most of the document concentrates on SenderID. I know Microsoft had a 'PennyBlack' proof-of-work project, but I've been able to find any more information on this, or if it even progressed past the proposal stage (I emailed someone on the project team a few months ago but didn't get a reply) John.