I forgot about #Hashcash (the framework that inspired #Bitcoin mining). If you're not familiar, it's a proof-of-work system to combat email spam.
I was rather entertained reading this answer on the Information Security Stack Exchange.
In 2016:
- 0.002% of mail mints Hashcash
- 0.034% of mail is signed with #PGP
- 69.332% of mail uses DKIM
In 2019:
- Hashcash was about the same
- PGP signatures dropped by half
- DKIM increased by 1.389x
Apache SpamAssassin was the only spam filter I'm aware of that could positively score mail based on the number of bits mined in the Hashcash token.
SpamAssassin dropped support for Hashcash in 2019 with version 3.4.3 and later.
And with that, it truly gets relegated to the archaic solutions for fighting email spam.
> "You're far better off ensuring that you have DKIM and DMARC set up correctly before bothering with something as archaic as Hashcash."
https://web.archive.org/web/20231003165810/https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7728
This document deals with end-to-end cryptographically signed email. It introduces a novel structure for signed email that is designed to avoid creating any disturbance in legacy email clients. This "unobtrusive" signature structure removes disincentives for signing email.
@atoponce Isn't inline #PGP signing discouraged these days[1]? Also, PGP hides signatures for encrypted emails. So I wonder if whatever was generating the statistic was counting MIME signatures and encrypted emails...
Aaron Toponce ⚛️
PGPkeys EU
Bruce Walzer 🇨🇦