18

I just heard about this term, is it really used? The concept does not seem new, is it used and/or implemented in current technologies?

Scott Pack
  • 15,167
  • 5
  • 61
  • 91
Dpp
  • 331
  • 3
  • 7

5 Answers5

19

Yes its used, in a number of mail delivery/filtering sytems. The most recognized and widely used of which is spamassassin, used by some major ISPs and mail services. See http://hashcash.org/mail/

You might also want to read the hashcash FAQ: http://hashcash.org/faq/

It is also used in various other protocols and applications including for combating blog spam. And you may have heard of bitcoin - hashcash is the underlying mechanism used as the work function in bitcoin.

Adam Back
  • 191
  • 2
  • 6
    Welcome to StackExchange, Adam! You say it is used, but can you give examples where? The site you link to gives examples of software that *support* hashcash, which is different from saying that major email senders are using it (inserting hashcash into their emails), and different from saying that a non-trivial fraction of email in the world has hashcash attached. – D.W. Apr 28 '12 at 20:57
  • 11
    P.S. For those who don't know, Adam Back was the inventor of hashcash. Very cool to have him here on this site! – D.W. Apr 28 '12 at 21:01
  • 2
    I'll also point out that WP-Hashcash, a Wordpress extension that uses hashcash to deter spam, looks like it has [about 200K downloads](http://wordpress.org/extend/plugins/wp-hashcash/) at the moment. – D.W. Apr 28 '12 at 21:02
  • 1
    So it seems to be used at least in some blogs I guess. Tough to tell if it's actually used by major email senders. – Dpp Apr 29 '12 at 19:04
  • Hashcash *is* used. I've sent out tens of thousands of messages with hashcash stamps, and since many spam filters use them, my messages have been more likely to make it to their recipients. Enabling hashcash support in your mailer has almost zero cost (the stamps are generally computed while you compose the message) and increases the chance that your message gets through, so everyone should enable this feature. – Dan Christensen Oct 24 '14 at 01:39
  • 1
    @D.W. - see [my answer](https://security.stackexchange.com/a/118182/42391) below for stats on the current usage of Hashcash, including comparison to DKIM and PGP. Hashcash was a great idea, but it's a bit dated these days (also, thanks to Adam Back for the idea. I'm glad it has won traction in other areas.) – Adam Katz Mar 22 '16 at 05:16
10

No. It is not used. It forces the sender to waste a bunch of CPU cycles, and prove that he has done so, in hopes of cutting down spam. Unfortunately, this doesn't work. There are two severe problems with this approach:

  • It won't stop spam. Spammers often use a botnet of compromised PCs. They can just have those compromised PCs perform the wasteful computation and prove that they have done so, and then their spam will get through the hashcash filter.

  • Hashcash interacts poorly with mailing lists. If I want to send an email to a mailing list with 1000 people, I'll have to waste a bunch of CPU cycles 1000 times (once for each recipient). That means that legitimate senders are prevented from sending to a mailing list, or have to waste huge amounts of CPU to do so. That's not really acceptable.

So, overall, hashcash is dead. No one uses it, because it wouldn't work at deterring spam. It was a cute idea that turns out not to solve the actual real-world problem. Oh well, so it goes!

Edit 4/28: For more details about why hashcash is not a solution to spam, read the following research paper:

Wikipedia also has a short discussion of some of these issues.

D.W.
  • 98,420
  • 30
  • 267
  • 572
  • 1
    Cool thanks. Is it really not used? I can see why it is not great but are email / delivery systems really not using that? Botnet are expensive obviously so it could be a mitigation for cheap spammers. – Dpp Apr 28 '12 at 16:41
  • 1
    @Dpp, it is really not used. Really. My understanding is that the fraction of all email in the world that has hashcash attached is 0%, to an extremely good approximation. Turns out that other mechanisms are a better way to stop spam. IF you'd like more details, see my edit for further elaboration. – D.W. Apr 28 '12 at 20:55
  • 2
    I've -1'ed this, because it *is* used in quite a few situations. WP-Hashcash is quite widely utilised, and there are similar add-ons for popular forum software. See Adam Back's answer for more details. – Polynomial Apr 30 '12 at 12:16
  • The "problems" mentioned here are clearly refuted in the [hashcash FAQ](http://www.hashcash.org/faq/). For example, botnets are currently limited by internet throughput; requiring hashcash stamps would severely limit the rate that they can send spam. – Dan Christensen Oct 24 '14 at 01:37
5

I haven't seen this technology implemented (or openly discussed) in most major commercial email filters.

So hashcash is not a new idea. It dates back to at least 2003. I've heard this concept discussed a bit earlier than 2003 too.

It's based on a simple premise and forces the sender to expend CPU cycles to compute hash tags for each message. I believe this method assumed that each spam message may have been less valuable than the cost of computing the hashtag. If the value of each spam message was greater than the CPU cycle cost, then such a method would not deter a spammer.

With this type of technology, the effectiveness also depends on the recipient's implementation email implementation. If the recipient's mail server didn't enforce or check the results of the hash computation, then any sender can spoof results or simply create a fake value to add to each outgoing message.

The challenge to block spam is to tie together controls at both the sender and recipient. When there's lack of synergy, the effectiveness is greatly reduced or completely eliminated. Imagine if all senders computed hashcash but recipients never checked the has value. That would create an ineffective system where the sender is wasting CPU cycles computing something of no value. In addition, there's additional data to be transmitted per message which increases bandwidth and storage requirements compared to not computing and adding hashcash values in the header.

Most current anti-spam products use a number of different methods to identity spam with pretty high accuracy.

bangdang
  • 1,824
  • 11
  • 9
4

(This is original research using data I cannot otherwise share.)

I have comprehensive worldwide enterprise email telemetry, especially from the US and Europe.

About 0.002% of this mailflow uses Hashcash.

Compare that to the fact that 69.332% of mail uses DKIM, which involves the server signing at least a few components of the email, which has computational requirements (but not guaranteed on a per-recipient basis. Also note that static spam is easier to catch than quickly morphing spam, which requires the signing server to compute new content signatures).

Or perhaps consider that 0.034% of mail is signed with PGP, again involving computational costs, still a good thirty+ times as common as Hashcash, plus it provides sender and content integrity.

If you're a bulk mailer and you can afford the extra CPU cycles, you might as well use Hashcash, but it won't buy you much these days. You're far better off ensuring that you have DKIM and DMARC set up correctly before bothering with something as archaic as Hashcash.

(Data is a 1y sample, numbers last updated 2019/06/05. Hashcash in 2016 was the same percent, PGP has halved since then (though I'm only counting inline signatures), and DKIM has increased by 1.389x.)

Adam Katz
  • 9,718
  • 2
  • 22
  • 44
1

I'm surprised nobody mentioned bitcoin. While hashcash may have been impractical for email systems, it has proved useful in cryptocurrencies algorithms for proof of work of miners.

"Hashcash is a proof-of-work system used to limit email spam and denial-of-service attacks, and more recently has become known for its use in bitcoin (and other cryptocurrencies) as part of the mining algorithm." https://en.m.wikipedia.org/wiki/Hashcash

Clay Risser
  • 111
  • 3