[wheelerwj]

How often does spam come encrypted with your public key anyways?

[Neliquat]

Much more often if this is used as a spam measure.

[e12e]

Maybe. Still requires a re-encryption of the symmetric session key for every recipient - effectively proof of work.

"stretching" the equivalent of rsa(session_key, public_key) might be feasible?