You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by Sebastian Nielsen <se...@sebbe.eu> on 2017/06/05 22:09:45 UTC

Which is the accepted format of the HashCash header?

Which is the SpamAssasin accepted default format of the HashCash header?

 

Im talking about the rules:

Rules/HASHCASH_20 through Rules/HASHCASH_25 and Rules/HASHCASH_HIGH and
Rules/HASHCASH_2SPEND?

 

What I have understand, these rules are enabled in a default Spamassassin
installation, but despite me of including a X-Hashcash: header in all my
outgoing mails, the rule isn't triggered.

Have tested with multiple third-party SpamAssassin installations.

 

Im using the v1 format, described here:
http://hashcash.org/draft-hashcash.txt

 

Do the receiver server need a hashcash verifying program installed for
hashcash to be enabled? (Can't SpamAssassin verify hashcash's itself?)

 

Best regards, Sebastian Nielsen

Re: Which is the accepted format of the HashCash header?

Posted by John Hardin <jh...@impsec.org>.

On Mon, 5 Jun 2017, John Hardin wrote:

> On Tue, 6 Jun 2017, Sebastian Nielsen wrote:
>
>>  Which is the SpamAssasin accepted default format of the HashCash header?
>>
>>  Im talking about the rules:
>>
>>  Rules/HASHCASH_20 through Rules/HASHCASH_25 and Rules/HASHCASH_HIGH and
>>  Rules/HASHCASH_2SPEND?
>>
>>  What I have understand, these rules are enabled in a default Spamassassin
>>  installation, but despite me of including a X-Hashcash: header in all my
>>  outgoing mails, the rule isn't triggered.
>
> They are based on the hashcash plugin. If the hashcash plugin is not enabled, 
> they will not be executed. I don't believe it is enabled by default - look in 
> your v340.pre (et al) file in your config directory.
>
>>  Do the receiver server need a hashcash verifying program installed for
>>  hashcash to be enabled? (Can't SpamAssassin verify hashcash's itself?)
>
> No, but the plugin does need to be enabled.
>
> I suspect that hashcash never got enough traction for it to be enabled by 
> default in SA. I doubt many sites will be performing hashcash checks.

...wait, it *is* listed in init.pre, so it looks like it *is* enabled by 
default - my bad.

-- 
  John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
  jhardin@impsec.org    FALaholic #11174     pgpk -a jhardin@impsec.org
  key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
   The yardstick you should use when considering whether to support a
   given piece of legislation is "what if my worst enemy is chosen to
   administer this law?"
-----------------------------------------------------------------------
  Tomorrow: the 73rd anniversary of D-Day

Re: Which is the accepted format of the HashCash header?

Posted by John Hardin <jh...@impsec.org>.

On Tue, 6 Jun 2017, Sebastian Nielsen wrote:

> Which is the SpamAssasin accepted default format of the HashCash header?
>
> Im talking about the rules:
>
> Rules/HASHCASH_20 through Rules/HASHCASH_25 and Rules/HASHCASH_HIGH and
> Rules/HASHCASH_2SPEND?
>
> What I have understand, these rules are enabled in a default Spamassassin
> installation, but despite me of including a X-Hashcash: header in all my
> outgoing mails, the rule isn't triggered.

They are based on the hashcash plugin. If the hashcash plugin is not 
enabled, they will not be executed. I don't believe it is enabled by 
default - look in your v340.pre (et al) file in your config directory.

> Do the receiver server need a hashcash verifying program installed for
> hashcash to be enabled? (Can't SpamAssassin verify hashcash's itself?)

No, but the plugin does need to be enabled.

I suspect that hashcash never got enough traction for it to be enabled by 
default in SA. I doubt many sites will be performing hashcash checks.

-- 
  John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
  jhardin@impsec.org    FALaholic #11174     pgpk -a jhardin@impsec.org
  key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
   The yardstick you should use when considering whether to support a
   given piece of legislation is "what if my worst enemy is chosen to
   administer this law?"
-----------------------------------------------------------------------
  Tomorrow: the 73rd anniversary of D-Day

Re: Which is the accepted format of the HashCash header?

Posted by RW <rw...@googlemail.com>.

On Tue, 6 Jun 2017 00:09:45 +0200
Sebastian Nielsen wrote:

> Which is the SpamAssasin accepted default format of the HashCash
> header?
> 
>  
> 
> Im talking about the rules:
> 
> Rules/HASHCASH_20 through Rules/HASHCASH_25 and Rules/HASHCASH_HIGH
> and Rules/HASHCASH_2SPEND?
> 
>  
> 
> What I have understand, these rules are enabled in a default
> Spamassassin installation, but despite me of including a X-Hashcash:
> header in all my outgoing mails, the rule isn't triggered.


Take a look at the documentation

http://spamassassin.apache.org/full/3.4.x/doc/Mail_SpamAssassin_Plugin_Hashcash.html

You need to set  "hashcash_accept". 

Given that it doesn't work by default, I suspect it's a complete waste
of time.