E-mail Tax As Way Of Preventing Spam

scubacuda writes "This FT article criticizes current attempts to regulate spam. Re: Lessig's bounty-on-spammer proposal: 'This is a terrible idea that will make millionaires of two classes of people: reprobates who illegally maraud through others' hard drives; and those who have built their expertise about spam by peddling it, 'He considers the recent FTC spam conference "barking up the wrong tree," and thinks that the simplest way to regulate spam is through a tax: 'This requires smashing some myths....But, very soon, the Internet should turn into a penny post, with a levy of 1 cent per letter. This would cost the average e-mailer about $10 a year. Small companies would pay bills in the hundreds of dollars; very large ones in the thousands. And spammers would be driven to honest employment. The tax could be made progressive by exempting, say, those who sent fewer than 5,000 letters a year. The proceeds could go to maintain and expand bandwidth.'"

Enforceable?

[Surak]

First off, how the fsck do they intend to even enforce something like that? I can setup an e-mail server on a *nix box in 5 minutes. (Literally, I know I've done it). How do you account for how many e-mails a user sent?

Secondly, what about businesses? We probably send at least a few hundred (non-spam) e-mails a day out to the public Internet where I work, we'd get hit pretty hard.

And lastly, this is just an other tax, another form of revenue generation. We don't NEED more taxes. I'm sick to death of the government sticking out its greedy little hand. Go AWAY! I already pay tax on everything I buy, every drop of gas I put in my car, every cigarette I smoke, every drop of alcohol I consume, and every dollar I make. I pay property taxes, and I pay a form of tax when I go to the state parks to camp. I pay a tax to license the car I drive, and to just have the privelege of being able to drive.

No, I'm sick of it. Put your greedy little hand back in your pocket and go away!

Author doesn't know what he's talking about

[arvindn]

What he proposes is the best way to kill e-mail. I can think of several problems right away:

• The spam problem currently exists mainly because we can't track down spammers. Until you solve that, implementing an e-mail tax will never get off the ground.
• What about open relays? Of course its stupid and irresponsible to have one, but now you could now find yourself being taxed thousands of dollars for doing so?
• What about an worm/trojan sending out bulk e-mail? Punishing the victim is a great idea.
• How do you deal with mail across national boundaries? I wonder if he has thought about the world about the USA.
• What about mailing lists? How do you propose to tax them? They take up more bandwidth than a single e-mail but less than n individual emails. Defining all these would lead to such a messy overregulated internet that it will lose all trace of what it was like formerly.

This guy has no idea of the technicalities of the internet.

Look at this statement:

The simplest way to regulate spam is through a tax. This requires smashing some myths. A decade ago, Americans were gulled by politicians of both parties into believing that taxing the internet exceeded the government's capability. When that proved to be manifestly untrue, they were told that a tax would be an affront to some mythic libertarian "spirit of the internet".

Mythic, eh? Has this troll heard of usenet? This is just an anti-libertarian rant/flame from some disgruntled control freak. Ignore it and move on.

Okay-- so what is "email", then?

[adjuster]

My largest fear from this type of proposal comes from the potentially vague definition of "email" that might be created. What is email, exactly? Are we talking about only SMTP? If so, what about "Instant Messenger" spam? Maybe we should classify instant message protocols as email, too. What about USENET? Should we classify NNTP as email, as well? What about SMS spam? What about the "next big thing", whatever it turns out to be? Perhaps we should have taxes based on IP packets sen1! That would be about as sane... yeesh!

Think I'm making this up? I had one customer who was ranting to me about their LAN-based "email" not working (a year ago, mind you). Upon closer inspection, I found their "email system" to be "WinPopUp" running on each PC that they'd use to send pop-up messages to each other. That was their "email". Think of your own relationships-- you know at least one person who calls instant messenger systems "email" (much like those novices who confuse RAM and hard disk space and call them both "memory").

The Internet works because we all agree to abide by the same standards, and agree that ICANN is the authority for naming / numbering. This spirit of cooperation works because we all benefit-- not because some government legislated it so. If some idiotic "email tax" does get legislated in the U.S., we run the risk of making ourselves into "second class" Internet citizens, and creating the "United States Internet" and the "rest of the world's Internet".

Spam is a social problem being "enabled" by technology. It cannot be legislated away, because it breeds on human nature: the desire to have large returns from little work. Real answers are things like ubiquitous public-key infrastructure, signed email, reputation "credits" (or "karma", if you like), and accountability. The decentralized "web of trust" model of PGP combined with the "reputation credit" model of eBay is what I'm talking about. Imagine an email client program that categorizes incoming mail based on the "cred" accumulated by the sender in a decentralized, non-government controlled "reputation tracking" system.

Taxes and laws aren't going to solve the problem. They're going to stifle the real power the Internet has-- bringing people together and enhancing communication. Worse-- they risk making an "island" of any country who would enact such idiotic legislation.

How retarded

[A+non+moose+cow]

Every problem that we have that revolves around a man-made technology is fixable with a man made technology. We don't need taxes, we need to fix the core of the email system.

"The simplest way to regulate spam is through a tax."

Perhaps this is true, but the simplest way is almost NEVER the best way. How are you going to define the differences between email and every other electronic message passing? Will the tax suddenly apply to IM's? then web pages? then internet phone calls? What happens 20 years from now when the technology is different? Will the tax stop? Hell no! Most likeley there will be a new tax code buried in every little packet so that the government can get even more money for nothing.

Why should the burden of the "fix" for this problem be shouldered mostly by the people that it is trying to "protect"? I don't want to pay my government for the privelage of doing something that was previously free. That does not solve anything! I want the people sending spam to pay ME!

This tax might sound innocent on its surface, but it only takes one little thing like this to make it seem acceptable to throw a tax on every digital transaction.

To all you dopes that think this is a good idea, think about the big picture. This point in time is not static. Technology is changing constantly. Spam will die when the time is right. For now we can just deal with it with the methods available to us. Do not let the government see the Internet as the latest frontier where they can profit by "saving us from ourselves".

Good Idea in theory.

[jellomizer]

But in real life it is not going to work.

1. Whos job will it be to monitor all the e-mail traffic. The sender or the reciever.

2. Spammers use Open Relays or fine vulnerabilities in the persons system (thus able to send 1 message to a hundred users) or sending data threw a non smtp protocol. Thus avoiding the tax or minimizing it $.01 for a million messages. and the poor victim besides getting blacklisted has to pay $10,000 in taxes.

3. When being sent threw a foreign site. How do you collect taxes from them?

4. How do you enforce this?

It seems like a good idea in the perfect world but it is not. All this will end up doing is putting extra expense on the honest business man and individual. But most spammers are far from honest and would end up doing what they have been doing.

Re:Manifestly untrue.

[rjh]

Great. Now you're advocating changing an IETF RFC away from its original intended purpose (protecting data in transit) and towards a specific purpose (making it a CPU tax) by the introduction of new MUSTs which serve absolutely no useful purpose towards its original task?

Think about it for five minutes. You'll come up with half-a-dozen methods which don't involve subverting an IETF standard.
.
.
.
.
.
.
.
.
.
.
Free hint: require a mailer field, X-SHA1-Hash, which is a 20-byte hash of (a) the message, (b) the timestamp, (c) the sender, (d) the original mailserver, and (e) the receiver. Anything which doesn't have an accurate X-SHA1-Hash gets discarded at the destination MTA. Presto. You achieve your CPU tax, but you don't subvert an IETF standard in order to do it.

I leave finding all the flaws in the above idea as an exercise for the reader.

Think outside the box.

[uberdave]

I'm going to guess that you're an american. Americans tend to have this blind spot that extends from their borders and works outward. Most of them tend to ignore (and be ignorant of)the rest of the world. For example, in the movie Outbreak a plague is sweeping across the States. There is a scene where they extrapolate the spread of the disease. Curiously, it never crosses the borders.

The idea of taxing email, or having a government sender verification site, contains the assumtion that the internet is somehow contained in a single country. When a Pakistani is sending an email to a Turk, who's government website is the Turk supposed to check? What is the tax to be paid in? What happens with a country that decides that it will not comply, how do you check the key?

Spam is an international problem. It cannot be fixed by a national solution. Legislation will not work, because there will always be countries which do not comply. If there is going to be a solution to spam, it is going to be a technical solution, not a legal one.

Re:Is taxation best?

[mdinowitz]

I run a number of mailing lists and on a good day can send out a million messages. This is all for community support with no profit at all on my side. A law like this would kill me and every other community supporter who supplies such a service.

Why not just limit it at the server?

[evil_pb]

Open relay problems aside, why not just limit the amount of mail a server will allow to be sent in a set period of time by a user?

Imagine what would happen if the most popular mail server applications (i.e. Sendmail, Postfix, Exchange, Groupwise, etc) simply all agreed to implement a throttle control into their code. Allow it to be configurable, where something like an email list can send as much as it needs (trusted accounts), but untrusted accounts are limited to maybe 100 or 200 emails an hour. Spammers work by sending emails in the thousands or millions, as fast as they can. Ignore the from: header since it can be forged ... track them by IP address. It would be very hard for someone to come up with a new IP address every couple hundred emails and re-establish the connection to the server from a time perspective.

I think eventually the spammers would have nowhere else to go; if a version of sendmail came out with this feature, I would install it in a second, even though I'm not an open relay. Legitimate users cause these problems too.

I would even go so far as to say the ISP's need to take some action here, if it's really such a problem for their precious bandwidth. Monitor the SMTP volume coming through their network - set limits. Test their client systems periodically for open relays, block or severely limit the ones who do not comply after giving them time to work it out. A lot of admins, sadly, simply do not know better, or are very lazy until prodded. Tell them their server won't pass traffic until the relay is closed and watch them comply real quick. If it's a signed user agreement, they can't do much about it.

I require this of my Co-Lo customers; if they have a server, I *require* them to keep it patched, email relays closed, etc. I do check from time to time, and it's in their agreement with me that I reserve the right to disable any access to their server I deem necessary to preserve the integrity of the rest of the network. Not a single one has complained about that, and in fact all were pleasantly surprised to see a provider take such a pro-active approach to service integrity. Is it more overhead for me? I have found that it may seem like it initially, however by enforcing this it is actually less work than dealing with constant cleanup. Think about it. It's a shift in the paradigm of "customer can do no wrong", to "customer sometimes just needs to be shown the way".

Just adding a throttle control to email servers... That's all it would take. Just getting providers to tell their customers to stop causing the problems, is all it would take. Doesn't this seem like a hell of a lot less work than taxing email or any of the other mess of solutions presented?