-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jason R. Mastaler wrote:
> Hannu <[EMAIL PROTECTED]> writes: > >> Any plans to support hashcashed mails? Basic idea is a computed >> header which is cpu-expensive to count, but very cheap to check. > > You should be able to verify hashcash tokens in incoming mail with a > `pipe' incoming filter file rule. For example: > > # verify hashcash tokens in the X-Hashcash header field > pipe "formail -c -x X-Hashcash | hashcash -c -y -b16" accept > > Make sure the 'formail' and 'hashcash' programs are in your system > $PATH, or else specify their full paths. Season to taste. Thanks! In fact, formmail is not needed, -X do the trick. Also, I think it would be a good idea to check that the resource is correct, ie. the recipient email address. Without it, spammers would only need to generate one X-hashcash - header for the whole email list. Here is my suggestion: - ---------- pipe "/usr/local/bin/hashcash -c -y -i -X -b16 -r \ [EMAIL PROTECTED]" accept - ---------- The hashcash database would be good to get in. I'll check it when I have time. How about adding the header when sending email? - -- Send replies to: [EMAIL PROTECTED] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFAGUQsuA3ghgc3fUsRAj85AKD+XW0WemrAlLfaJ5l6rpHbzZV4LwCfaPGV iNHyvlzD7oCbEm6nuCQp9As= =1dBl -----END PGP SIGNATURE----- _________________________________________________ tmda-workers mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-workers
