SpamikazeWiki:

Distributed Spamikaze has a number of goals:

There is not yet a design that would fulfill all these criteria. The main problem seems to be that "block a spam source that spammed other Spamikaze instances" requires a push model, while getting a second opinion on an IP address is more suitable to be implemented as a pull model. If you have an idea on how to get this fixed, please write it down here:

Proposal by Walter:

Push versus pull do not necessarily exclude each other. Imagine a Spamikaze message-bus on which it is possible to push spam-trap hits and additional details and requests about a certain IP-address' reputation. This requires additional design goals that have to be met:

  1. prevent spammers from either tarnishing a certain IP's reputation (Joe Job) or from getting a handle on the survivability of their spam-run, as often happens with SpamAssasin and;

  2. maintain anonimity of the involved nodes.

Messages that announce spam-trap hits could have a format as follows:

The message also should be be cryptographically signed by the sender node. To discuss: should the unix_time_of_hit and the application_type not be encrypted using the announcer's public key and have the announcement take place at a random delay in order make detection of spam traps more difficult?

Verification requests could have the following format:

Each node that is not the originator of a request should add a cryptographically signed report of the number or requests it has received from the requesting party in the past hour and remove such reports from previous nodes in order not to reveal the topology of the distributed Spamikaze network.

SpamikazeWiki: DistributedSpamikaze (last edited 2017-12-29 04:15:27 by localhost)