At 4:18 PM +0900 11/13/06, [EMAIL PROTECTED] wrote: > > Signed mail causes the CPU of the mail server to have to do expensive > > crypto calculations that are many, many orders of magnitude beyond > > anything that had ever been done in the past, on a per-message basis. > > If you insist that the server do the signature, yes. Did you miss the > part where I said you have to educate users for this to work?
No amount of user education is going to help. First off, they need to be running suitable software. Very little client-side software supports DKIM or other similar sorts of technologies, and this kind of thing is pretty useless if it's not widely implemented. DKIM was specifically designed so that it could slip in as a "shim" on the server side, to start ramping up this process quickly, because they knew it would take a long time to be supported on the majority of clients. But the problem is that it *has* to be supported on the server receiver in order to be useful at all -- that's the only place where you can do those calculations while the sender is being held open, so that you can make a decision as to whether or not to accept that message. Otherwise, you might as well just blindly accept everything in the first place, and let the client deal with all problems. > > At that point, you might as well just shut down all Internet e-mail anyway. > > For those who don't sign their messages, yes. The rest of us will be > back in the friendly-user world because only our friends will be able > to send us mail. :-/ Not really, no. Because only the spammers will have enough CPU power necessary to do all those calculations. No recipient system will be capable of doing massive crypto calculations for each and every message that is received, so they will all get buried under the load. > > Actually, spammers have totally unlimited CPU power available to > > them, so they might be the only ones on the planet who are able to > > handle doing signed e-mail for all messages. > > Because they are using owned machines, you mean. Well, if those > machines can do crypto for the spammers, they can do crypto for their > nominal owners. And if email is going to survive, by your > projections, they're going to have to. It doesn't matter where or how the spammers get their CPU cycles, what matters is that they have them, and they continue to get more of them at a faster rate than the rest of us can stand up new servers to deal with the massive waves of spam. We're losing this war, and we're losing it faster and faster every day. > > It doesn't matter that the signed message is actually traceable back > > to a particular person, it just matters that it's signed. > > Then it's just hashcash, and it can't scale. We already knew that. Yup. -- Brad Knowles, <[EMAIL PROTECTED]> Trend Micro has announced that they will cancel the stop.mail-abuse.org mail forwarding service as of 15 November 2006. If you have an old e-mail account for me at this domain, please make sure you correct that with the current address. ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp