Slashdot Mirror
IBM Researcher Offers an E-Stamp Spam Solution
UnanimousCoward writes "This Internet Week article describes a research project by Scott Fahlman that looks to limit spam using e-stamps. Here is more detailed description of the system under his CMU homepage along with a link to the original paper." As crappy as it sounds, charging some tiny fee per email would cut spam dramatically. 207 of the buggers so far today. Hundreds of megs a month. I'd love to see something done.
cut spam dramatically? how do you explain all the junk mail I get IRL? they pay for postage on that, you know....
I'd rather deal with filtering the spam I get, than have to pay for sending email.
As crappy as it sounds, charging some tiny fee per email would cut spam dramatically
Yeah. Sure.
How much crap do you get a day in your postal mailbox? How much of that was sent with a $0.37 First-Class stamp? How much of that was sent with heavily discounted postage because of its "bulk mail" status? (I won't even go into how ordinary citizens end up subsidizing this crap, even junkmail from large companies that could afford a full-cost stamp).
How much you wanna bet that some kind of postage on email won't make much difference, as the cost will either be so low that most won't care, or there'll be ways for companies to get out of it (or to get a much cheaper rate)?
Sure, it might cut back some. Maybe. But remember how the big junkmail senders got cheaper rates in the first place: Lobbyists. So I wouldn't expect it to last.
habeas is a way to help prevent spam sent to you. By subscribing to Habeas, you have X-Habeas headers put into your email. You can filter based on these to help prevent more spam and know the email is legit.
Check it out. I don't use it personally, one of the mail lists I'm on uses it.
-- DuckWing
And this is why. Assuming you have the computer, phone line and small monthly fee(depending on service) Email a an effective and free form of coomunications. In effect, you are already paying for it, when you pay for your monthly service. Adding a fee for E-mail would in effect be an "E-Mail tax", but instead of going to public works or anything like that, it goes to line the pockets of the sellers of the E-stamps.
Case in point, bad idea.
You say you want a revolution....
Lots of people have talked about this sort of system (pay $.01 per email you send, receive the same per email you get), but it's good to see someone writing it finally.
A question remains: my Social Implications teacher also teaches Telecommunications Law. She maintains that this sort of thing will open a floodgate of per-use fees on our internet access that we won't want.
I guess that by having a third party do it (instead of the ISP), we can get around that problem for now. Does anyone have any idea if she's right, and if so if it could affect this as well?
-- Bill "Houdini" Weiss
Quote from the pdf:
"When a message arrives at my machine or mail-server, it is examined. If the sender is on my accept list, the message is passed through to my in-box."
spammers do this with forged email addressess all the time... and pass trough whitelists all the time as well.
How about a protocol for personal PGP stamps.
I can issue stamps with as many tags as I like and configure my email front end to deal with messages based on the stamps
"Friends"
"I am a customer of company X"
"I work for A and buy from B"
"I work for A and sell to C"
"Registered at site M to enter contest"
"Tech web site registration"
"News web site registration"
"Entertainment web site registration"
In the event you went on holiday you could even set up forwarding based on the message stamps.
I have previously worked at an ISP, and now in a software development organization, and it has always been common practice to send automated emails from webpages or servers.
How would a pay-per-email fee affect people like this? What about the "Forgot Your Password?" links on sites that email your registered email?
I think something like this would hit the Internet a lot harder than people think, since most people just seem to be concerned with Joe User at home sending 50 joke mails a day.
no comment
I think a better though analogous solution was already proposed and discussed on slashdot. Basically, to accept or relay any e-mail (not on a whitelist) the sender would have to perform a small numerical calculation of the recipients choice. E.g. find the roots of a sixth order polynomial with 7 coefficients provided by the recipient.
This takes a few millisecond to calculate the answer and its is trivial to check. One could dial up the problem strength as needed.
For normal users this is a trivial cost since my CPU is definitely idle many many milliseconds every time I send an e-mail. But for bulk senders its a problem.
It could be done either by the relaying e-mail servers or as long at the final recipeint. The latter is probably superior as long as forged sender info does dont create accidental DOS attacks.
In any event, it adds a trivial burden to the amount of internet traffic, and given a reduction in spam traffic over time would save on total traffic. And It cost nothing since it uses unexploited resources. And it would I believe kill any centrally served spam dead.
In fact one could actually get useful work out of this.
Imagine this scheme. To get your stamp of approval you have to get a ticket issued from some grid computing server that supplies the mini-tasks. For example, I might sign up with some service that issues mail stamps in return for doing 1 second of calculation on some easily stated but hard to solve problem (prime searching, etc...)
Some drink at the fountain of knowledge. Others just gargle.
I started using ASK( Active Spam Killer ).
It works great. It works by requireing a response the first time someone emails you. They repond to an automated email and are whitelisted. Since spam has it's replay lines forged the spammer never replys to the automated email and you don't get any spam.
Since I have started using this 2 months ago I have gotten 2 spam emails. That is down from about 40 a day.
The other bonus is that unlike filters if someone needs to get an email to you they will and it wont accidentally be junked.
... about an "email tax", consider this: Microsoft's Penny Black Project aims to do the same thing, but implementation only requires some sort of cost, not necessarily monetary.
One method is especially interesting, the CPU-based scheme in which "the sender must solve a recipient-defined puzzle in which computation of the solution is moderately and provably hard." If that were the case you wouldn't even notice if you're sending one email, but a spammer certainly would if he tries to send out 1,000,000 at a time.
.
To end Spam, you must "de-monetize" it.
To do this you must increase the bandwidth loading of the spammer's sponsor (the 'business' paying to have the spam sent) beyond tollerable levels. The only way to do this is with a distributed "insincere curosity attack".
To do this you must write a mail app plug-in that allows you to drop spam into an analyser bucket on your desktop. This analyser would parse the spam for URLs and toll free numbers in the body of the spam. This analyser then routes these "targets" out on to a peer to peer, gnutella style network. As soon as each peer in the network gets about, say, 20 or so copies of that same target submitted from other peers, then a small HTTP client would start making random requests to the target URL or toll free number. This would keep up until the target disapears.
Oh, and to play the Flute, you just blow across the little hole on the one end while moving your fingers back and forth on the outside of the tube.
"A microprocessor... is a terrible thing to waste." --
GeneralEmergency