OmniMix • Tutorial • Remailing • Hashcash PreviousTopNext

It seems obvious, that the anonymity presented by the remailer network attracts spammers. That's why the principle of hashcash was developed, which demands a certain amount of computation power from the user for every single message s/he sends. In reality even without those measures only a few cases of mass mailing through remailers have become public, as there are ways to achieve such goals much easier and particularly faster.

But how does hashcash work? Your computer has to do a very complex random calculation up to the precision of a given number of digits based on a specific ressource and the current date. This process occupies a lot of computational power for a certain amount of time dependent on the requested precision. The resulting equation, called 'token', is transferred to the requesting remailer or mail2news gateway, where the evaluation process on the other hand is fast and easy to achieve without needing much ressources. To prevent the multiple use of a hashcash token it contains the date of the calculation and is only valid for a limited period of time (up to some days), within which the target remailer preserves already used tokens.

A real world analogon of this process would be to scan a map for the location of a random place name. While this two-dimensional search is very time-consuming, the validation of the transmitted combination of a name and location can be performed very fast. To prevent from the multiple usage of a search result there's an individual map for every day and service that uses this method.


Hashcash currently is used especially by some remailers for the final mail delivery (also called exit remailers) and mail2news gateways. The hashcash parameters for most of them are already predefined and can be modified at the 'Hashcash' tab.

Ctrl_All_Hashcash_List

Apart from a deactivation in general, at the 'Anon' tab there are switches to activate hashcash for single stages of delivery (entry / exit remailer, m2n gateway).

Ctrl_All_Hashcash_Anon

With the 'T' button you can initiate a test calculation for the selected list entry, which may take some seconds up to minutes dependent on the precision ('Bits') and the speed of your hardware. This is also the estimated amount of time your mail / news client at least has to wait before an anonymous message with hashcash token will be sent.

If the client software raises a timeout error during those time-consuming calculations and aborts the connection with OmniMix, its timeout interval has to be prolonged. With Forté Agent e.g. set the 'PostResponseTimeout' parameter in the 'Agent.ini' file from the given 360 [seconds] to a higher value. The timeout period in Mozilla Thunderbird is initially set to 60 seconds, so that raising it might usually be indicated. Go to Tools > Options > Advanced > General and there either set the 'Connection Timeout' parameter or in the 'Config Editor' enter 'mailnews.tcptimeout' into the 'Filter', right click on it, select 'Modify' and set a higher value. In Seamonkey you have to enter 'about:config' and then scroll down to 'mailnews.tcptimeout'. In any case after those modifications you have to restart the program.

In support of the Hashcash developers' anti-spam efforts it's now possible to mint Hashcash based on the recipients' email addresses. This has nothing to do with OmniMix's anonymization functions! The goal is to make the usage of Hashcash for spam protection purposes more common and to force spam recognition systems to search for recipient-related Hashcash, which, if present, improves the score of the message under consideration of the bits precision, in other words the 'value' of the transmitted token.

As an example here's the Hashcash section of a SpamAssassin 'user_prefs' configuration file:

--------------------------------------------------------------------------------
# Hashcash
ifplugin Mail::SpamAssassin::Plugin::Hashcash
score HASHCASH_20 -1.000
score HASHCASH_21 -1.500
score HASHCASH_22 -2.500
score HASHCASH_23 -4.000
score HASHCASH_24 -6.000
score HASHCASH_25 -8.500
score HASHCASH_HIGH -11.500
score HASHCASH_2SPEND 1.000
use_hashcash 1
hashcash_accept *@my_domain.com *@my_domain.org
endif # Mail::SpamAssassin::Plugin::Hashcash
--------------------------------------------------------------------------------


Within OmniMix the concerning parameters can be found at the 'Hashcash'/'Spam' tab.

Ctrl_All_Hashcash_Spam

Activating the adaptive selection of the bits precision prevents from exaggerated computation times as it reduces the number of bits according to the amount of addresses to be processed with a message. So, no matter whether the message is sent to one single address or to a long list of recipients, processing time stays within the bounds reflected by a single computation of the given bits requirement.

PreviousTopNext