Slashdot Mirror
Penny Black Project Investigates Sender-Pays E-mail
Anonymous Coward writes "The Inquirer reports: Microsoft contemplating charging for emails. 'MICROSOFT IS UNFOLDING something it calls the Penny Black project in which people sending emails might have to pay for the privilege.' Microsoft's explanation of the project is here: The Penny Black Project." There are a lot of things going on at Microsoft Research -- no guarantee that particular ones are going to be released in the real world. (And Microsoft isn't the only party interested in sender-pays, or at least sender-risks-paying systems.)
I think my desire to see the 1998-99 internet doubles every time I see a story like this.
It is rapidly being forgotten that things being free was one of the reasons why this internet thingy took off in the first place.
SecondPageMedia - Wha
from the article:
The Penny Black project is investigating several techniques to reduce spam by making the sender pay.
Well sorry, but I get a pile of junk mail every week on my doormat through my post and in my papers - and the senders have had to pay both to print AND send that...
Feel that power? That's mah MOUSING FINGER
This whole thing is really just a way to deal with the fact that SMTP doesn't do any real authentication of ANYTHING when it receives a message. Developing a whole side protocol to run along-side SMTP and "verify" that a message is sent by a human or creating some micro-payment scheme really seems like a waste - getting it widely adopted would be at least as hard as getting a replacement protocol for SMTP adopted - so why not focus on that?
An SMTP replacement that verified - at least - that the domain of the sender was correct - would cut down on spam tremendously. Virually all spam I get has forged headers and invalid reply addresses.
... but I still don't trust Microsoft.
I think the solution to spam should be an open, non-proprietary solution, which means it will likely be open-source or IEEE/W3C approved.
AC comments get piped to
The Penny Black project is investigating several techniques to reduce spam by making the sender pay. We're considering several currencies for payment: CPU cycles, memory cycles, Turing tests (proof that a human was involved), and plain old cash.
This just looks like a group (of smart people) that are investigating ways to reduce spam.
--sex
Very popular slashdot journal for adul
Since spammers most often hijack the resources of others to send their spam, making the "sender" pay directly will often hit the wrong person in the pocket. The real solution is to prevent the hijacking of resources in the first place. It does look like some of the Microsoft Research proposals (the Turing test idea in particular) might address this problem to some degree too, it will be interesting to see some more details once the research has progressed.
This wouldn't bother me one bit. I don't have any desire to send messages to anyone with any of those addresses. Nor do I wish to recieve email from anyone with those addresses.
The unfortunatly thing would be that I can see the US postal service jumping on board with this. Issuing every US citizen a unique email address and then charging for it's use. Which I also have absolutly no desire to have, or pay for.
What about sites that run mailing lists? What about forums that have "email me when someone replies to this topic"? What about sites that use email as a way of sending username/password to new subscribers?
This will hurt these sites (that are often run out of the webmaster's pocket with no profit turned)
Changing SMTP means switching over every SMTP server and relay.. that's a lot of work and there's a lot of financial resistance to that.
On the other hand this micropayment system can be implemented on TOP Of SMTP... using a server that issues digitally signed tickets, which can simply be appended as an attachment to the emails.
Certainly this system will meet some resistance as well, but much much less. It will only require the clients to change what they are using, not the servers. However in the long term we could probably consider a replacement for SMTP... for example we could roll out the client code together with the client code for this Penny Black system. Then, if this system gets wide spread then people can deploy replacement-for-SMTP servers confident that clients will be able to use them
Let's say the guys over at Penny Arcade want to send a gif out to all their loyal fans. Let's say their mailing list was 5,000 people long. It's gonna cost them $50! And if you charge per MB, it'll probably cost even more. Spam, like piracy, needs to be fought with a technical solution. These penny-a-mail type hacks just end up hurting the little guy.
c-hack.com |
every mail over 100 per day through a server outside of the inteernal network (you know to the internet) would cost 1 cent a peice.
IE you could send 1000 internal e-mails over your own network and pay nothing.
You send 1000 e-mails to people "outside" of your inernal network in a day you pay 900 cents, or for those of you with math mad skillz thats 9 bucks.
So a spammer trying not to pay a lot of money would have to send only 100 e-mails a day for free.
if he sent 5000000 e-mails in a day thats 5000000-100, 4999900 pennys, or for those of you in the math "know" its 49,999 dollars.
Now im sure that if a spammer were to have to pay 49999 dollars to send E-MAIL, their business would become less than profitable.
Most users dont send 100 e-mails a day, even when i was getting 70 e-mails a day i didnt reply to all 70.
auto responce mails could be ignored.
large companies might get a "bulk" rate on e-mail, or move there services to online methods of checking (IE they dont have to flood mail servers with 'gamespy announces it got cooler') kind of e-mails.
anyway the idea has some merits, though even now I can tink of a great many problems with it.
anyway just a little teaser idea.
If you don't vote, you don't matter, so don't waste your time telling me your opinion
So if you send an email, you have to put a penny on the line. If it gets through, and the person on the other end doesn't think it's spam, then you get your penny back.
This is an interesting idea.. I just don't see how its any better than forced verification of the originating addresses on an incoming email, though.
I mean, I can see how this could get expensive for the type of people who forward around those annoying chain emails, or jokes or what have you. Undoubtedly, they'd cut it out after realizing that people aren't reimbursing them for their email. But for the spammers at large..
See, the thing is, you're putting the responsibility for this back on the users. If I get an email, I'm either going to have to manually reimburse them, or manually not reimburse them. The onus is still on the end user.
Sure, they might be investigating Turing-test checks for spam, and the like, and yes, there is Bayesian filtering now too. But this is all still going to have to be there to automate the process, even with this transaction system.
I would've hoped that, by now, we'd be looking at ways to move this onto the system, in the form of proper verification or something, so we the users don't have to deal with it as much. (To those of you talking about having to upgrade all of our infastructure to handle verification, should the protocol change, what makes you think we wouldn't have to if a transaction pay-per-email system comes into place?)
The other problem I see is that these spammers might just not care about the cost. I mean, c'mon, a penny an email? That's still cheaper than a snail-mail ad.
How you say when a mailing list (a message that goes to a lot of mail addresses) is a "normal" mailing list or spam?
.NET installed), this could be more harmful. How you detect an spammer that don't have this kind of software/control installed from, say, someone with a normal mail server, that don't send spam but for any reason don't "upgrade" (if this is possible) the mail server?
If you force the remote machine to do a calculation, pay something or pass a turing test most mailing lists will disappear. If its implemented in some server (lets suppose Hotmail to fix ideas) then all users there that want to join mailing lists wich administrators don't want to afford whatever measure of this kind, well, would have to leave hotmail or open a mailing list account somewhere else.
Using white list could be a solution, but this also could limit the freedom of having your own mailing/distribution list.
And speaking of this, if you server is not ready to pass the MS test (i.e. it requires
It seems the only truely effective way to prevent SPAM is to charge for it. So far every technological SPAM blocking technique has failed to completely protect against it. It's just a matter of time before spammers find a way around any new technological solutions possible.
We are talking about creating a new protocol for sending and receiving mail. For this work everyone on the Internet will have to use the new protocol. Since not everyone will move to the new protocol, there will have to be a bridge between the new and the old. As long as a bridge exists (forever) there will be the problem of non-paying senders.
Doesn't it suck to be Microsoft; you come up with some at least half-sensible idea, something that under normal circumstances people would debate the pros and cons. But everyone so little trusts them that the natural reflex response is "noooo!"
Microsoft: "Hey what if we abolished spam?"
"Screw you! An obvious attempt to embrace and extend!"
"Don't belong. Never join. Think for yourself. Peace." V.Stone, Microsoft Corporation
Wether or not I have actually paid for anything they have ever made (which is also debatable if they made it or just stole it), it looks like this will be the "one" that gets all 50 million hotmail users to "pay" in some form for using free e-mail (hotmail. MSN) for the past several years. NOT GONNA HAPPEN PEOPLE!
I tried to think of a good sig, and this wasn't it.
A lot of the email I send (and receive) is in reply to usenet posts. I won't know in advance who wants to send me genuinely useful email from comments to usenet posts, nor do they know I have the answer to their question.
Every email account has a notion of a "ticket pool". A valid ticket is very expensive to create. Say, it takes 5 minutes to make one on a fast modern machine, at 100% CPU.
...However, if you are a spammer, and you want to send 1,000,000 emails per day
... you'll just use a million copies of the same ticket.