Spam Wars

Microsoft are apparantly considering using memory-intensive puzzles to help fight spam. The principle being that for every email sent, the sender is required to use up a certain amount of their computer’s time to prove that resources have been spent on that message.

The BBC report suggests that when the sender starts the email process, they’ll be asked to solve a puzzle. Interestingly Microsoft have noticed that Moore’s Law – which would mean that in a few years time the cost would be significantly less (as CPUs are faster) – can be avoided if they use memory transfers instead, since memory transaction speed grows at a lesser rate.

In the meantime, Freeserve employ an interesting tactic for their users. They automatically force all port 25 (SMTP) traffic through their own mail servers, so effectively all outgoing mail is logged. This caused me all sorts of problems when I was testing a remote server’s SMTP but for the 99% of dial-up users this could generally be a useful move. I’m not sure precisely why they do it. Maybe they want/need to log all outgoing mail traffic, and any mail traffic originating from a Freeserve dial-up account can be accounted for.

Sounds quite sensible. Perhaps if all IP addresses using DHCP were forced to use their local ISP’s SMTP server it would be much easier to find the origin of the spam – fixed IP addresses would have an owner (somebody would be paying for it somewhere), and dynamic addresses would be attached to a username at any particular time. But I doubt that’s going to happen soon! There’s always tunnelling too, but by the same system you’d be able to identify those computers that were breached. Wouldn’t necessarily solve the spam problem (only stem it?) but would certainly help trace the source.

That gets me thinking – if Freeserve are routing all SMTP through their own server, and Microsoft reckon that a 10-20 second delay will mathematically throttle spam, what if Freeserve (and other ISPs) put a delay on the SMTP server themselves, and prevent multiple connections? Surely that would have a similar effect. Any mail then seen to go through Freeserve’s servers (might need certification?) could then be given a more positive welcome in the recipient’s inbox.