Slashdot Mirror
Microsoft, Yahoo Investigate Spam Solution
bllfrnch writes "The NY Times (account required, yada yada) has an article about the suggestion of email postage to stop the advent of spam. Apparently, both Microsoft and Yahoo! support such an initiative, as they are the largest email service providers. Best quote: ''Damn if I will pay postage for my nice list,' said David Farber, a professor at Carnegie Mellon University, who runs a mailing list on technology and policy with 30,000 recipients'."
Paying for postage already exists, it's called a fax.
This is the worst solution ever and the only reason that MS/Yahoo support it is because of Hotmail/YahooMail. They stand to make huge profits because they host the inboxes of millions of users. Every email received at those accounts would invoice the sender. It's a no brainer for BARRELS OF CASH !!! (tm)
In fact, there already was a good solution proposed a few weeks ago, by microsoft no less. Combine it with Spam Assassin the way Spam Interceptor does (replacing the C/R component) and the solution is plausible.
Story also posted on C-Net (no account required, yada yada).
What hapened to Yahoo's (as yet unveiled) scheme-to-end-all-schemes for authenticating mail? IMHO, I think that SPF:Sender will make great strides towards combatting spam, combined with new laws that make spoofing illegal. And AOL is backing it, so I think there is a good chance for success, as they are both one of the largest sources of e-mail as well as one of the most commonly spoofed domains.
Here is a Washington Times summary that doesn't require registration.
1 23126-8662r.htm
http://washingtontimes.com/upi-breaking/20040202-
And here is a IHT article which appears to feature the same quote as the NYT article. Same article? I won't register...
http://www.iht.com/articles/127677.html
Josh.
How many roads must a man walk down? 42.
It's a ridiculous concept really, the reasons email has become successful to begin with is that it's fast and free. If you charge for email, people will just move over to instant messengers or other systems. And how do you enforce charging people who you may or may not be able to track, the proposal to charge for spam based on the reciever's choice is absolutely ridiculous.
Would this really help?
How come stamps can't stop all the spam I get through snail mail? Please, make those AOL disks stop!
"There is no teacher but the enemy."-Mazer Rackham
There's no way to enforce this. The irony is that the only way a pay-for-email scheme would work, is in the context of a network of trusted mail relays, which is in effect, A WHITELIST.
All this does is prove that eventually, there will be a network of whitelisted SMTP relays that will do more to combat the spamedemic. You don't need to charge money - that's an extra, goofy idea to make profit for a few select corporate interests. It won't fly because millions of systems will refuse to pay the "postage" extortion fee in order to be whitelisted.
Asking the sender to process a quick math question seems a better solution to me.
Spam boxes would be prohibitively expensive due to the heavy requirements for sending millions of spams, and it would have the added benefit of notifying people when their box has been owned due to 100% processor utilization on said owned relay box.
The money option just sounds like pushing for a new revenue stream. To heck with that.
How will this affect websites sending their users emails from requested sources?
Like I'm the programmer of Gemsites, a Slashdot clone. When we register a user, we shoot them an email. So are we going to have to pay money to do that?
Because that would be totally stupid, and it would possibly put an end to discussion websites that require logons to validate users, unless there was a method to bypass the charge for sending email.
The way Microsoft will turn it, would be that we all *should* be paying per email, because of this reason or that reason. Bottom line is Billy Goat Gates on his mountain of cash, trying to pile up more of it.
Everyone, please go home and open your mailbox. Now tell me if having to pay for postage has cut down on the level of unsoliceted mail arriving in you snailmail mailbox.
"Learning is not compulsory... neither is survival."
--Dr.W.Edwards Deming
What you say? Microsoft would get huge bills because of the abusers of it's Hotmail service? That would be a pity, wouldn't it?
What is wrong with migrating to a replacement for SMTP? What is wrong with developing better challenge/response systems?
...
If email gets a postage fee applied to it, people will stop using it. If I have to pay to send mail to someone at yahoo or hotmail, I would tell that person to get a different email address. No one is going to use email if it has a mandatory fee attached to it. Then again, maybe that's what needs to happen to give people a reason to stop using SMTP
Wasn't one of the hallmarks of a doomed .com company the fact that they tried to get people to pay for something they usually got for free?
Just spitballin' here..
Joe
Why can't MX records become required to list all in AND out going official SMTP for a domain. From then on, SMTP servers could reject non matching MXed sender IPs and if spam does get through - you know you to blame.
What about me who runs a mail server (a legit one at that for a no-profit) on an old Pentium 166? It's a fine smtp server but don't ask it to do any heavy math. This would screw the little guy using old hardware too.
Evolution or ID?
That's naive. You know Ralsky and the like use open relays around the world. He's even contracted some in China. You might tighten a net at best, but eventually you come back to the problem of trying to bill non-USA service providers. Lotsa luck. At best you encourage them to clean up their open relays and implement some decent security, lest their IP traffic be blocked at the border. But this should already be happening. Start locking these things out and they'll get around to fixing things pronto.
A feeling of having made the same mistake before: Deja Foobar
This pretty much says it all. If there's a postage charged for email then email will become all spam, not spam free.
The first to go will be lists like the above, no free newsletter is going to be able to justify paying postage on mailings of 30,000 or more.
Along with that will be the automated emails. Think /. will still email you when someone responds to your post if it costs them? Think again. You will not get email order confirmation, notice about your rebates, shipping tracking information, or other automated business related email that you want either.
Some people might pay a micro payment on some email, but others will not. Rather than being the killer app for the Internet, email will fall into disuse.
While all of this is going on, the spammers are not going to be slowed one damn bit. If they could be held accountable they would be stopped already. They will either continue to sign up for throw away accounts and then abandon them and not pay for the email, or they will continue to make their deals with shady ISP who damn well know they are spammers and let it slide. If a spammer has a deal with an IPS to send spam you can bet he isn't really going to pay the ISP postage fees. Worse yet, the claim will be made that the spammer is paying postage fees, and that those supposed fees omehow make it legitimate for then to cram your mailbox with spam for the p3nis patch and the paris hilton video xjrf.
And one other effect it will have is that I will certainly not pay to forward all the hundreds of daily spam I get to utc@ftc.org, and other spam fighters will see their complaints of spam dry up too.
In short order, much of the valid uses of email will come to an end because of this "postage", and spammers will continue completely unaffected. And it seems hard to believe that Yahoo and Microsoft don't already understand this.
I'm an American. I love this country and the freedoms that we used to have.
Actually, this problem can be solved without charging postage on each and every piece of email.
The problem can be addressed by putting people at risk of being charged postage. This can be done by requiring that senders post a bond of say 1/10 of 1 cent per item sent.
If you are sending 30,000 pieces of mail a week, your bond would only be $30.00. If people like your email, you will never have to pay the toll, but if they don't like it, then you will be subject it.
The folks that will be caught in this web are spammers and direct marketers. They send millions of spams in the hope that just a few folks will bite. If we raise their cost of doing it above the return, they will be out of business ASAP.
The only way to kill spam, which depends on a frictionless mailing process, is to introduce some friction (i.e. cost) into the system.
Yours,
Jordan
Or if we just convinced the RIAA that spam was affecting their music sales
;-)
hummm, I think your on to something here.
how 'bout a peer to peer system that uses open relays. Pit the RIAA against the spammers and let them fight it out!
Thats a fight that I would like to watch!
Free to who, exactly? First you have to pay the CA for the 'privlidge' of using their certificates, then the ISP recieving massive ammounts of e-mail has to get very serious systems to crunch the numbers needed to verify the certificates.
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
Experience has shown that those who say "simply replace SMTP" do not understand the nature of the problem. It's no coincidence that one of the symptoms of being an anti-spam kook is that your solution involves replacing SMTP
My next sig will be ready soon, but subscribers can beat the rush
(Apologies to those who have seen this before.)
Your company advocates a
(x) technical ( ) legislative (x) market-based ( ) vigilante
approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) Spammers can easily use it to harvest email addresses
(x) Mailing lists and other legitimate email uses would be affected
(x) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
(x) It will stop spam for two weeks and then we'll be stuck with it
(x) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
(x) Requires too much cooperation from spammers
(x) Requires immediate total cooperation from everybody at once
(x) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business
Specifically, your plan fails to account for
( ) Laws expressly prohibiting it
(x) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( ) Jurisdictional problems
(x) Unpopularity of weird new taxes
(x) Public reluctance to accept weird new forms of money
(x) Huge existing software investment in SMTP
(x) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
(x) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
(x) Extreme stupidity on the part of people who do business with spammers
(x) Extreme stupidity on the part of people who do business with Microsoft
(x) Extreme stupidity on the part of people who do business with Yahoo
(x) Dishonesty on the part of spammers themselves
(x) Bandwidth costs that are unaffected by client filtering
( ) Outlook
and the following philosophical objections may also apply:
(x) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
(x) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
(x) Countermeasures must work if phased in gradually
(x) Sending email should be free
(x) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough
Furthermore, this is what I think about you:
( ) Sorry dude, but I don't think it would work.
(x) This is a stupid idea, and you're a stupid company for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!
Advantages: real email stays free, spam costs, microtransaction standards emerge.
Disadvantages: Microsoft and Yahoo don't make as much money. Sorry.
mt