> We analyse [anti-email-spam PoW] both from an economic perspective, “how can we stop it being cost-effective to send spam”, and from a security perspective, “spammers can access insecure end-user machines and will steal processing cycles to solve puzzles”. Both analyses lead to similar values of puzzle difficulty. Unfortunately, real-world data from a large ISP shows that these difficulty levels would mean that significant numbers of senders of legitimate email would be unable to continue their current levels of activity.
So it wouldn't work for mass senders, I think this means in the abstract? Reading into the details, page 6 says:
> We examined logging data from the large UK ISP for those customers who use the outbound “smarthost” (about 50,000 on this particular weekday).
Not sure I agree with the conclusion if this is their premise. This smarthost (an SMTP server sitting on the edge doing $magic, preventing client PCs from directly sending email to any which internet destination) is handling a ton of emails for free. Why should it solve the PoW? The residential client that is really trying to send the email is the one that wants to send the email and should attach the PoW already before sending it on to a relaying server.
I do agree it is probably undesirable to require that honest senders outcompete attackers on CPU power (=electricity =CO2, at least in the immediate future) to get any email delivered
> We analyse [anti-email-spam PoW] both from an economic perspective, “how can we stop it being cost-effective to send spam”, and from a security perspective, “spammers can access insecure end-user machines and will steal processing cycles to solve puzzles”. Both analyses lead to similar values of puzzle difficulty. Unfortunately, real-world data from a large ISP shows that these difficulty levels would mean that significant numbers of senders of legitimate email would be unable to continue their current levels of activity.
So it wouldn't work for mass senders, I think this means in the abstract? Reading into the details, page 6 says:
> We examined logging data from the large UK ISP for those customers who use the outbound “smarthost” (about 50,000 on this particular weekday).
Not sure I agree with the conclusion if this is their premise. This smarthost (an SMTP server sitting on the edge doing $magic, preventing client PCs from directly sending email to any which internet destination) is handling a ton of emails for free. Why should it solve the PoW? The residential client that is really trying to send the email is the one that wants to send the email and should attach the PoW already before sending it on to a relaying server.
I do agree it is probably undesirable to require that honest senders outcompete attackers on CPU power (=electricity =CO2, at least in the immediate future) to get any email delivered