Justin Guyett wrote:
I'm wondered about CAMRAM white-listing on this ground. If you spend one 26-bit stamp and spammers can then share a white-list signature key amongst a bunch of spammers, and can send the recipient as many mails as you want, they might eventually just do that: use their zombie armies to actually "introduce" themselves.
Well probably not something to worry about now, and if it gets to that stage, lots of field lessons will have been learned (hashcash would have to be pretty widespread for spammers to bother doing it) and perhaps it will be clearer by then what to do about it.
And whatever the result of "zombies vs hashcash," the result of "zombies vs nothing" would be worse.
With high postage rates (32+ bits), is it feasable for spammers to spend an hour or three of "zombie" cpu time to generate a stamp when it only takes some irate user 5 seconds to forward the message to a special address where a script reports the signing keyid to a dnsbl blacklist? If so, raise the intro stamp cost even more to 34, 35 bits... At some point, spammers will give up. Lower the stamp cost.
People who really hate spam can be part of high-postage social networks.
If there were some application (like camram) that supported reverse stamp costs and updated local stamp costs automatically, a network of reverse-stamp-enabled users would automatically raise postage rates in response to a MS virus (and zombie network) outbreak, and gradually lower rates as machines got cleaned up.
Oh, and what about the web of trust features in pgp? It seems like that could be used to great advantage to get into a high-postage social network without spending days computing an intro stamp just to get marginally trusted by one member of the network. Of course, that requires user intervention...