Slashdot Mirror
IBM Researcher Offers an E-Stamp Spam Solution
UnanimousCoward writes "This Internet Week article describes a research project by Scott Fahlman that looks to limit spam using e-stamps. Here is more detailed description of the system under his CMU homepage along with a link to the original paper." As crappy as it sounds, charging some tiny fee per email would cut spam dramatically. 207 of the buggers so far today. Hundreds of megs a month. I'd love to see something done.
cut spam dramatically? how do you explain all the junk mail I get IRL? they pay for postage on that, you know....
I'd rather deal with filtering the spam I get, than have to pay for sending email.
Any solution that involves paying for something that used to be "free" is not going to catch on.
A better solution would be to make people register for a signing certificate and require email software to sign all messages. At least that way people would know who sent spam... and a national spam blacklist could be created for certs that get a certain number of complaints filed against them.
--
"What do you want me to do? Whack a guy? Off a guy? Whack off a guy? Cause I'm married."
As crappy as it sounds, charging some tiny fee per email would cut spam dramatically
Yeah. Sure.
How much crap do you get a day in your postal mailbox? How much of that was sent with a $0.37 First-Class stamp? How much of that was sent with heavily discounted postage because of its "bulk mail" status? (I won't even go into how ordinary citizens end up subsidizing this crap, even junkmail from large companies that could afford a full-cost stamp).
How much you wanna bet that some kind of postage on email won't make much difference, as the cost will either be so low that most won't care, or there'll be ways for companies to get out of it (or to get a much cheaper rate)?
Sure, it might cut back some. Maybe. But remember how the big junkmail senders got cheaper rates in the first place: Lobbyists. So I wouldn't expect it to last.
Yes, it does seem reasonable, but
a) I'm used to having FREE email
b) Once you start charging for something, it's only a matter of time before the fees go up and up as high as it can "sustainably" go, and like stamps we'd be seeing it rise every couple of years.
Fuzzy Knights: New RPG Strips Tuesday and Friday!:
http://www.fuzzyknights.com
Nearly all the spam I get comes from bogus addresses. If SMTP servers did not allow forging of the from: address, the problem would be drastically reduced since the spammers would have to get new accounts much more frequently, and most people would be able to block all the "free" email domains like hotmail and msn, where spam is most probably coming from.
habeas is a way to help prevent spam sent to you. By subscribing to Habeas, you have X-Habeas headers put into your email. You can filter based on these to help prevent more spam and know the email is legit.
Check it out. I don't use it personally, one of the mail lists I'm on uses it.
-- DuckWing
And this is why. Assuming you have the computer, phone line and small monthly fee(depending on service) Email a an effective and free form of coomunications. In effect, you are already paying for it, when you pay for your monthly service. Adding a fee for E-mail would in effect be an "E-Mail tax", but instead of going to public works or anything like that, it goes to line the pockets of the sellers of the E-stamps.
Case in point, bad idea.
You say you want a revolution....
Lots of people have talked about this sort of system (pay $.01 per email you send, receive the same per email you get), but it's good to see someone writing it finally.
A question remains: my Social Implications teacher also teaches Telecommunications Law. She maintains that this sort of thing will open a floodgate of per-use fees on our internet access that we won't want.
I guess that by having a third party do it (instead of the ISP), we can get around that problem for now. Does anyone have any idea if she's right, and if so if it could affect this as well?
-- Bill "Houdini" Weiss
If you read the article, the idea is to whitelist your friends and mailing lists, and then you personally choose to set a fee that you charge for accepting mail from any person/business unknown to you.
So basically, you get paid for receiving email, but you only need to pay if you are in the habit of sending unsolicited email to random strangers.
I do not deploy Linux. Ever.
I don't have a solution to spam, but there are a few things I do that make me feel so much better when I get it.
I own my own domain name so any email address at my domain gets to me. So when I register for stuff, I use unique email addresses every time (i.e. amazon@mydomain.com, circuitcity@mydomain.com). So if anyone SELLS my email address, I know because I start getting spam at a particular address. So anyways... here are my two simple solutions:
1. For every piece of spam that I get, I send a 5 copies back to the mail relay that sent me the mail. If they are going to annoy me, at least I will chew up some of their bandwidth and CPU cycles.
2. And if someone "sold" my address, then I also send 5 copies of the spam to the rat-bastard seller. I hope to chew up their resources as well.
If EVERYONE did this, I think it would totally crash the offenders machines and clog up their big fat internet pipes.
many developers depend on them. I hardly ever send mail to such lists, but read all of them. Not really fair if they'd have to pay for sending me valuable information.
It's so silly to see so many complex anti spam solutions, if all we need is jurisdiction aruond the concept. The biggest issue with spam is that tere's no law forbidding it. Fix that, and trigger happy lawyers will take care of the problem.
When will I end this grieving ? When will my future begin ?
Well, you don't have to pay when you email your friends, colleagues, etc. people that you know (if you read the article). Hmmm... apparently, not many people have actually read the article. You really don't have to pay money unless you are sending out unsolicited emails.
... something doesn't sound right.
But I still don't think that this is a great idea. That's my hunch. Email wasn't designed to pay for it under any circumstance including, what you know today, spam. Once any email becomes non-free, free as free beer, it really changes the way in which email is used today. Sounds like a good idea to me generally, but
I have previously worked at an ISP, and now in a software development organization, and it has always been common practice to send automated emails from webpages or servers.
How would a pay-per-email fee affect people like this? What about the "Forgot Your Password?" links on sites that email your registered email?
I think something like this would hit the Internet a lot harder than people think, since most people just seem to be concerned with Joe User at home sending 50 joke mails a day.
no comment
http://www.pbs.org/cringely/pulpit/pulpit20030313. html
Though I have to say, neither one are originators of the idea - I've seen it plenty of times before, but this IBM guy is closer to the implementation of a system.
That's the supposed goal of Microsoft's Penny Black Project which had a story earlier on /. The idea is to require a small amount of money for each e-mail sent. I don't think I want this to be a requirement that Microsoft implements.
Developers: We can use your help.
This approach means that spammers have to pay for a charity stamp for every single spam they send out. And that would undoubtedly eat into their profits, and prevent the most ineffective spams from being sent.
But here, I think the developer of the idea pushes the logic too far. He says, "The whole spam industry depends on spam being free to the sender," Fahlman says. "If we change the social rules of E-mail just a tiny bit, I think the whole problem of spam goes away."
I think it's far more logical to conclude that the problem won't go away at all. But it might become more manageable, because it will force spammers to only launch campaigns that can return a profit after charity stamp expenses. In essence, spamming will become more like bulk mail. It costs Land's End a dollar a catalog for their postal mailings, and they probably get a 3% response rate, but the profits they make on that clothing is worth continued and highly targeted mailings. The same dynamic may one day be true with spam. And I'd rather get 30 emails a year from reputable companies like Land's End than 3000 emails a year from Viagra pushers.
I've heard a variation of this idea, and I think it might in fact be Fahlman's work, and that the Internet Week article sort of missed the boat on this reporting. In the variation I've heard, the "charity stamp" is expensive, say a couple of dollars. This system would create a social agreement that redeeming a charity stamp is sort of a slap in the face. Your best friend from elementary school could email you, and you'd be perfectly entitled to redeem his charity stamp since he's not on your whitelist. No reasonable person would burn friends and family like this. But what fun it would be to burn spammers this way, having each unwanted email result in a dollar being sent to your favorite charity!
I think this kind of optional redeeming of charity stamps is the core of what would make this idea work. But we'd need to set up a new email/micropayment infrasture to make it possible, and couple it with strict laws that spammers trying to evade the charity stamp face criminal penalties. Creating a new system like this would pose enormous problems, but it sounds workable. I think the bottom line is that the spam problem can almost certainly be reigned in, but whatever approach is used, it's going to take big money, government intervention, and a partial redesign of how email servers currently operate.
As for me, I recently started using the Bayesian filters in Mozilla 1.3's email client. I can't say enough good things about how well this has worked--I've reclaimed my email box. It used to take me ten minutes or more a day to delete spam. But Mozilla does it with uncanny accuracy, and probably with fewer mistakes than I would make if I'm hurrying.
I'm generally "Interesting," "Insightful," and even "Funny" here. What the hell happens to me at parties?
The bulk mail subsidises your 'regular' mail. Your post office runs an infrastructure to let you buy individual bits of gummed paper, tramps around the country individually receiving each bit of mail you've written, tries to decipher the scrawl you've made across the front with the biro and then delivers- all for your 37 cents a pop. The junk mail sender just drops several thousand pre-paid, pre-typeface-addressed identically sized mailshots on their doorstep. They're obviously a lot cheaper to process, but bring up the number of items they handle allowing them to pass on the ability to send a 37c letter to you due to economies of scale.
I think a better though analogous solution was already proposed and discussed on slashdot. Basically, to accept or relay any e-mail (not on a whitelist) the sender would have to perform a small numerical calculation of the recipients choice. E.g. find the roots of a sixth order polynomial with 7 coefficients provided by the recipient.
This takes a few millisecond to calculate the answer and its is trivial to check. One could dial up the problem strength as needed.
For normal users this is a trivial cost since my CPU is definitely idle many many milliseconds every time I send an e-mail. But for bulk senders its a problem.
It could be done either by the relaying e-mail servers or as long at the final recipeint. The latter is probably superior as long as forged sender info does dont create accidental DOS attacks.
In any event, it adds a trivial burden to the amount of internet traffic, and given a reduction in spam traffic over time would save on total traffic. And It cost nothing since it uses unexploited resources. And it would I believe kill any centrally served spam dead.
In fact one could actually get useful work out of this.
Imagine this scheme. To get your stamp of approval you have to get a ticket issued from some grid computing server that supplies the mini-tasks. For example, I might sign up with some service that issues mail stamps in return for doing 1 second of calculation on some easily stated but hard to solve problem (prime searching, etc...)
Some drink at the fountain of knowledge. Others just gargle.
... about an "email tax", consider this: Microsoft's Penny Black Project aims to do the same thing, but implementation only requires some sort of cost, not necessarily monetary.
One method is especially interesting, the CPU-based scheme in which "the sender must solve a recipient-defined puzzle in which computation of the solution is moderately and provably hard." If that were the case you wouldn't even notice if you're sending one email, but a spammer certainly would if he tries to send out 1,000,000 at a time.
Only unknown addresses will be charged, you could probably extend known addresses to include entire domains. Finally, if there's a third party involved, I would think it would be trivial to refund these charges from legitimate people. Finally, you don't HAVE to charge for unknown recipients.
And if the costs are so low that it does not bother me then it will not bother the SPAMMERS either to pay the amount.
Wrong, it WILL bother and even stop many spammers. They're business model completetly depends on their ability to send millions of e-mail messages a day without cost. If you start incurring costs, you've just blown their business model. Even if it's half a cent. Let's see, what's that crazy thing called again? Oh yeah MATH:
$.005 X 1,000,000 messages = $5000
So for each mass mailing of that size, the spammer is paying $5000. Currently a lot of the big guys are sending out over 10 million a week! Hello? That's a log of money!
Now maybe they'll have to actually FOCUS thier mailings and maybe even (gasp!) start pushing products that aren't of dubious value and legal content. Junk is here, but we don't have to tolerate this amount or content.
Computer Science is Applied Philosophy
Wow, more than 100 posts already and still 90% of posters obviously did not grasp the (rather) simple concept. I've seen a number of completely irrelevant objections:
The law would never pass : That's one of the best feature in this idea. No need for a new law. The recipient already has the right to block incoming messages. You know, when your phone rings, you won't go to jail if you don't take the call.
Spammers will never accept this : Of course not, but nobody asks them! Using this kind of solution is YOUR decision; you don't have to ask anybody's permission, especially spammers.
Widespread adoption will never occur : So what? This system will work for me even if I'm the only user. It's not one of those things that require a critical mass of users to be useful.
This will not completely eradicate spam : Frankly, I don't care. If it prevents spam sent to me, it's good enough.
5 cents to read spam is not worth it : You're missing the point. This is not about making money, it's about discouraging spammers. No spammer will ever send you an email if it costs him 5 cents. And the price is not for making you actually read the spam, it's only for allowing it to reach your inbox. In the very unlikely case a spammer actually pays, just delete the message as usual.
So please, read the article. The idea may not be completely new (email stamp) but the details address most obvious objections.
One problem I can think of is still pending : what happens if the sender is also equiped with a similar system? Will we see payment notices bouncing back and forth between both ends without ever reaching an inbox? I guess a solution would be to automatically whitelist any address you've sent an email to, if only for 1 hour.
Now, the really funny part is that ALL of the above (including subject line) is the exact post I submitted on Dec 10, in reply to an article about the same research by the same researcher.
We're discovering the notion of meta-dupe: it's a dupe slashdot story with dupe replies. By the way, my original post was modded +5 informative. If this one gets modded +5 too, we will achieve uber-meta-dupe status: the exact same story, with the exact same comment, with the exact same moderation. Perpetual motion, sorta...
It would be nice to be sure of anything the way some people are of everything.
yeah, and if you become a COMPLETE recluse, you need never speak to, see or be seen by another living soul in your life!
Not using email is NOT THE ANSWER to spam.
That was classic intercourse!
The 2.3 cents per envelope paid in postage can hardly be the largest cost of real life junk mail. TRANSFAL, bud. You could jack up the costs of email to real life levels and you would get the same amount of email, because it's still cheaper than TV, billboards, radio and all that. In fact it's the only way to reach many people so anoyed with adverts that they no longer watch TV listen to radio and make laws against billboards. They will come and they will pay.
In any case the aproach is completely backward.
I'll pay a stamp for Email when the US government or some private company sets up a system just as good as real life mail. If someone can devise such a system where there are NO ACCESS charges whatsoever and all the work but writing the mail is done for me, a stamp might be a reasonable way to pay. As it is, I pay a private company for wires to my house and a private company on top of that to be able to read the web, and another to host and another to have a name. I do not feel like paying yet another party just to connect to another computer on port 25. No, 1,000 times NO. Paying for each and every email I send would be like having the worst of all worlds for email.
Shame on anyone who thinks a novel system that extracts your money will do anything more than extract money in the long run. Rember paying the cable company for advert free TV? Now you simply pay for TV. Anyone who pays extra for email will simply pay extra for email. In the end, the company running the system will be bought and you will get your censored adverts.
The only real solution is to make spam against the law and fine those who send it. A fine on those who receive it is stupid.
Friends don't help friends install M$ junk.