Slashdot Mirror
Why Isn't SPAM Regulated Like Fax?
byronne asks: "It seems like spam has escalated so much lately that it seems to actually become a quantifiable bandwidth waster. The less bandwidth available, the less productivity due to spam-dedicated bandwidth is lost. Being primarily a phone system transmitted medium, why can't unsolicited junk email be regulated and controlled like junk fax? Just a simple question that I haven't seen anybody ask or relate together." SPAM is becoming more and more of a problem with today's e-mail. I used to find e-mail a valuable tool for communication, but even with filters, folders and SPAM software, I spend more time culling my inbox than I do reading mail (and if I see one more mail with "allhallowmas" in the title, I'm going to go postal!). Is regulation the answer? Many people fear such a move, but might it be time to give it some serious thought?
To what extent is fax regulated? Is it on a national level, or on the state level? More states are starting to impose anti-SPAM laws, so this hardly seems like a revolutionary idea...
This sig intentionally left justified.
Because SPAM has a marginal cost of $0, to both sender and receiver.
It doesn't REALLY cost anyone anything more that you're sending 100,000 pieces of mail versus 1000 to a campus-wide discussion group, EXCEPT for the time that the 100,000 people receiving it must spend deleting the mail.
Honestly, in this day and age a 2,000 byte e-mail is NO load on our servers or infrastructure.
It is a load only on the receiving party.
What I might like to see implemented though is this:
I will run a public in-box to which you must deposit 30 cents with each e-mail you send to it. My friends can just get it back at an appropriate time (since the micropayment architecture allows for zero-fee transactions, they're just entries in a database), or via the e-mails that I send to them in reply, and the businesses that I do business with can just charge me 30 cents more to pay for the privilege of learning about their product, but the businesses that I DON'T want anything to do with will either stop bothering me, or pay me nicely for my time -- I'll glance at 20 subjects, decide I'm not interested in any of them, and wa-la, I've made $6 in ten seconds.
This will have a bunch of good effects:
1. Illegal spam will be traceable to a source, since SOMEBODY's account is making me those micropayments.
2. I will see more products I'm interested in, since companies will have 0 cost of printing advertising materials, only the shipping. Whereas I get some interesting postal junk mail now, I will get more interesting junk e-mail if you remove the cost of printing. Also, instead of the advertisers paying the us postal service, they will be paying me.
3. I will be paid back for what I'm paying my ISP in order for it to uphold my end of the mail infrastructure.
4. etc.
It also shouldn't be that hard to establish this kind of a micro-payment system. Imagine this:
Here is a nonprofit company, xyz, that keeps monetary entries in a database, you can make any transaction for free, but you can only deposit or withdraw money in increments of $50. This keeps enough money in xyz's bank to pay, via interest, the transaction costs of writing out and receiving checks.
This is also a good way of paying artists. I'll send you 5 cents, and when enough people have sent you five cents, you can get a check out of it.
(Of course, to start sending people 5 cents, I will first have to deposit $50, but that's a small detail...also, if I REALLY want my $1.50 out, I can give it to someone I know who has over $50, so that the next time they take out money, they'll take out that much more and give it to me.)
We can even do it so that you don't even need to register to start receiving payments. I can simply mail cmdrtaco@slashdot.org $0.05, and he won't even know about it unless his e-mail receives more than $5, at which time he'll be reminded, once, via e-mail, that he has that much in, and that when it reaches $50, he can withdraw it. Authenticating the e-mail works the same way it does today for sending a gift-certificate to an e-mail address via amazon. You send an only-usable-once URL that requires information from the e-mail in which it appears in order to authenticate.
The best part is, a lot of e-mails might only ever receive less than $50, because people stop caring or the e-mail becomes shut down. In this case, the money just stays in xyz's coffers, to help finance the operation, until the end of time, or until the paying party retracts the money (since it is to an UNVERIFIED e-mail), whichever comes first.
It's a lot better than paypal, which "charges a transaction fee just for changing a number in one of its databases", to paraphrase someone I read on slashdot earlier.
What do we all think? Micropayments for everyone? (Miniature american flags for others.)
I know a BUNCH of famous people I'd instantly donate a dollar or two to, of whom presently I have only the e-mail address...
Marvellous...
(yes, voila.)
Here in Germany, junk mails (e-mails, that is) are considered the same as junk faxes legally. It doesn't help much, though: Either you can't trace the spammers, or they're sitting in some obscure Caribbean country where your legislation has no power.
The reason that junk Faxes are against the law is because of the problems people were having with coming to work and finding a $50 roll of thermal fax paper spewed from their fax machines covered with nothing but essentially the content of most spam we're seeing today. This is a very real cost that you can put a figure on, and very definately was more expensive for the recipient to deal with. I remember hearing some stories of fax machines being tied up for hours with junk faxes.
The problem with spam is that it is hard to put a measurable cost on it, at least for the couple that the average joe gets a day. Plus, regulation in the US will just move the problem overseas in a lot of cases.
That said, I'm convinced that there is a very real cost to spam. I run spamassassin and literally get 200-300 spam messages in my spam folder every day, plus another 20-30 or so which spamassassin didn't catch. Conversely, I get about 20 legitimate emails a day.
On the mail server for the ISP I am the sysadmin for, spamassassin tags 75% of the messages we recieve as spam. We just spent $4000 buying hardware for our new mail server. If we had 25% of the load, we could have probably gotten away with a $1000 mail server instead.
Not to mention the times that a spammer decides to dump 10,000 messages on us within a 1/2 hour taking our mail server down to a crawl.
I'm hard pressed to come up with a workable, implementable solution which has any chance of working long term. Legislation has its problems. Technical solutions are a loosing battle on the filtering front. Economic solutions with advocate micropayments or similar (hashcash, etc) need to reach some sort of critical mass before they will help - but noone wants to implement them until they will. And so on.
There *has* to be a solution to this problem out there that someone hasn't come up with yet (or at least hasn't publicised properly).
I've been using this system for several weeks. I now send out about 100 autoreplies each day (all those used to be spam in my inbox). I now get about 5 spam a day and I'm working to disable some of those addresses. (I still have to find a way to deal with bugzilla since it requires a public email address)
Honestly, in this day and age a 2,000 byte e-mail is NO load on our servers or infrastructure.
:)
Ask the big boys if spam is a problem. The services like AOL, MSN/Hotmail, Earthlink, etc... ask them if "in this day and age a 2,000 byte email is NO load" on their servers or infrastructure.
It's a BIG load and a huge headache.
The problem is that 2KB might not be a lot, but 1,000,000 2KB emails *IS*, and who is footing the bill to process that crap? The consumers that pay for email service, NOT the people sending the spam.
When you force other people to pay for something, when you give them no choice, that's illegal.
(Unless you're the government!
"And like that
See real-time (updated every 10 mins) status here.
(please be gentle. I'm only posting this because it's not on the main page...)
S
No, regulation is not the answer. There are loads of technological solutions of varying complexity: hash cash, authentication, etc. If we care a lot about Spam, we should be working to decide on a technology and implement it in our mail readers. (There are some, already, like S/MIME, that have a fair amount of deployment.)
Think about what you're saying: Legislate to try to extend the life of a legacy system? We should not be encouranging the government to do this kind of thing. How much do we hate the DMCA? How much will we hate the anti-anonymous e-mail law? Don't we *want* authenticated and encrypted communication anyway? Why do we use ssh for typing commands at our shell (pretty boring to read, except for passwords) but SMTP for our english messages (often much more sensitive!)?
But that I recall, this bill was more or less forgotten on the Senate floor.
This sig no verb.