Vernon Schryver wrote: > > The idea of forcing your correspondents to jump through hoops that > spammers' computers can't is fundamentally wrong and crazy. Correspondents are also computers, humans don't do SMTP. > A spammer's computer will happily continue trying to guess the > answer to your puzzle as long as you let it, or look for it > in a crib sheet of 1,000,000,000 clues. Spammers need scale (because they get a very low return). Therefore, part of the solution should be to deny scalability to spammers. You seem to think that is not possible. However, it is trivial for a receiver to impose and enforce *both* work and time burdens to receive emails from strangers -- at the MTA *and* at the MUA levels. For example, my MTA could enforce large time delays at every step to complete the SMTP session if the headers contain something suspicious like "Received: from ([127.0.0.1])". Also, my MTA could require message encryption and/or MAC using *my* PK (imposing a burden per message). Look up tables and computational power cannot help spammers in such case. "Jumping through the hoops" is not optional and will take work and time, that my MTA can increase at will -- as much as might be necessary to be an effective deterrent to abuse by strangers. Cheers, Ed Gerck