Hi I believe on windows at least one can do better than the current fall-back code. There is a random number API. We need to call it. MAC OSX, BSD, linux has /dev/urandom. The reason I didn't include the sender id in the stamp by default is that hashcash was originally considered for anonymous remailers where you don't know what the sender is. But this design carries over quite well into general internet mail because in fact the sender id in internet email is whatever the sender chooses to claim it is, there is no authentication. It is completely forgeable and commonly is forged, either to match soft-hosting by people who roam, mangled by people who don't want to receive spam in USENET and so on. So at this point the forgeability is a feature (equivalent of Reply-To all my mails are forged in this way; I write them on a shell account on a machine called off.net and forge some of the sender-id to be adam@xxxxxxxxxxxxxxx instead of adam@xxxxxxx). (SPF breaks some of these uses). Additionally if someone intentionally _wants_ to try collide with your stamps to deny service even if you do use a sender id extension, they can anyway use whatever id they know you will use and still collide with you. The ideal solution to me seems to be better randomness. Putting the sender id into the hash input as more random input generally should work, however for anonymous cases it could be dangerous. (If there really is not much randomness in the hash, or more importantly what randomness there is related to time which is put in headers or observable from when it appears, then perhaps someone can brute force and confirm your identity). Hashcash includes some anonymity related features particularly the -a flag. But there are so many applications which must be portable that have a generally stronger requirement for randomness that we should be able to borrow some code. eg. openSSL etc. Adam