Gates on Spam

pvt_medic writes "Microsoft is proposing a new system that would require people to pay to send e-mails. Postage would be in the form of allowing others to use your computer to make calculations, similar to the SETi@home project. There are other systems being suggested that would include monetary stamps and people could decide on accepting an e-mail based off the value of the stamp. (story has great picture of Bill Gates as well)" Gates' proposed system will be Microsoft patent-encumbered, unsurprisingly.

Cha ching, reloaded.

[monstroyer]

This has been discussed before, and i replied to this before. Allow others to make calculations on your computer, eh? Would those calculations happen to be the spam solution MS Research came up with? Why don't they stick to that solution?! Strap it to SpamAssassin like these guys do but replacing the C/R, it's gold!

Similar to Seti@Home, sure... Except you pay Microsoft to have the calculations considered.

Also, what is Gates holding in that picture? A joint? Is that was he's smoking thinking people will accept this idea as part of their daily email lives so that microsoft can make even more barrels of cash?

Re:Cha ching, reloaded.

[JUSTONEMORELATTE]

Also, what is Gates holding in that picture? A joint?
Shhh... It's an iPod mini

Re:Cha ching, reloaded.

[PedanticSpellingTrol]

Looks like a candy bar to me.

Wonder where he hid the baby?

Re:Cha ching, reloaded.

[Lawbeefaroni]

He's smoking a wad of cash. If this is implemented, exploits in Windows and outlook that allow viruses to email copies of themselves will be making him money. "Let's um, hold off on that patch for a bit longer, shall we? Muwahahahahaha!!!"

Re:Cha ching, reloaded.

[helmutjd]

If you read the article, it's actually nothing to do with anything like Seti@Home, or any distributed computing application. The computation is simply there to consume time, so that it takes longer to send a message. The mail server knows the answer in advance, and if the client provides the correct answer, the message is relayed... if not, it's denied. That way, spammers HAVE to perform the expensive computation, which significantly slows their mass-mailing efforts. Typical users wouldn't even notice the delay (it could be done in the background or whatever, after the user clicks send). The results of the computation itself are meaningless... so nobody benefits from them, including Microsoft.

Re:Cha ching, reloaded.

[Sapwatso]

And how is it going to know the answer in advance?

Just a guess, but maybe the mail server would know the answer in advance because it used the answer to calculate the question? Couldn't the calculation to generate the question from the answer be orders of magnitude easier than the reverse?

Re:Cha ching, reloaded.

[TheFrood]

There are all kinds of problems that are much harder to do in one direction than in the other.

Example: Factor 56,029,043 into primes. You're welcome to use Matlab, octave, xcalc, or whatever.

Answer: 7 times 19 times 43 times 97 times 101.

How long did it take you to solve? A lot more time than it took me to come up with the problem, because all I had to do was pick five primes and multiply them together. Obviously, a computer could factor that number trivially, but the concept scales easily to much bigger primes.

TheFrood

Re:Cha ching, reloaded.

Couldn't the calculation to generate the question from the answer be orders of magnitude easier than the reverse?

Its public-key crypto in reverse! Generate several big primes and multiply them together. Send the product and ask for the factors.

Re:Cha ching, reloaded.

[milkman_matt]

The mail server knows the answer in advance, and if the client provides the correct answer, the message is relayed... if not, it's denied. That way, spammers HAVE to perform the expensive computation, which significantly slows their mass-mailing efforts.

Ok, I quickly read over the article, so I may have missed something... However I had to respond to this particular point that you make. If this is going to be 'expensive computation which significantly slows [spammers'] mass-mailing efforts', won't it do the same for legitimate mass-mailing efforts as well? Newsletters? Daily mailings? News updates? I can think of several legitimate mass-mailing systems that I myself subscribe to, and I like getting them, if this makes it expensive for mass-mailing, then I may just lose the stuff that I signed up for as well as the stuff that I didn't (spam). I don't think that's necessarily the best approach..

-matt

Re:Cha ching, reloaded.

[ivan256]

You could whitelist those senders so they didn't have to perform the computation.

Either way, a patent encumbered system is unacceptable, no matter how technologically sound it is.

Re:Cha ching, reloaded.

[macdaddy]

And what the hell are we providers supposed to do? We're already having to upgrade our mail system to deal with the unbelievable increase in infected email and spam. Now we're supposed to add computations to each and every message that passes through our boxes? Who the hell is going to pay for that? We're having to "absorb" the costs of the 3 new SMP boxes that will make up our new mail system. We can't afford to do this ever couple of months. That is unless YOU as a customer want to foot the bill. How would you like to pay an extra $10/month for your Internet access? I didn't think you'd like it. And who's going to pay for the inevitable Microsoft licensing fees? We're sure as hell not going to.

Re:Cha ching, reloaded.

[glenalec]

> Why would they want to pay for something (either monetarily, through CPU sharing, etc...) that they've gotten essentially for free

Well, for 94% of them, they'd 'want' whatever Bill Baby had pre-installed on their system when they bought it! If they will put up with and make excuses for a system that allows virus-of-the-week and crash-of-the-day, why not put up with paying for email (especially if free email involves a scary extra software installation). If this thing went live, five years from now most of that 94% would have happily convinced themselves that 'it was always like that.'

Re:Cha ching, reloaded.

[Coryoth]

Example: Factor 56,029,043 into primes. You're welcome to use Matlab, octave, xcalc, or whatever.

You need to pick bigger primes:

$ factor 56029043

56029043: 7 19 43 97 101

$


never underestimate the effectiveness of a little GNU tool like factor - sitting waiting right at your nearest bash prompt (which can be surprisingly close).

Your point is entirely valid of course, the example is just a little too easy.

Jedidiah.

Gates/Chong/Pope?

[garcia]

story has great picture of Bill Gates as well

Is he praising Mel Gibson for Passion of Christ? Is he smoking one incredibly fat doober that would make even Tommy Chong jealous? Is he trying to convince the Pope that Longhorn isn't named after a pornstar? Or is he really just THAT great?

You decide.

Seriously:

Instead of paying a penny, the sender would "buy" postage by devoting maybe 10 seconds of computing time to solving a math puzzle. The exercise would merely serve as proof of the sender's good faith.

And how the fuck would this make a difference? So what? The computer that is supposed to do the work is going to be like Johnny Badass in 2nd grade math class... They are not going to do their homework and just try to bluff it through class. If they do end up having to hand it in to be graded they are just going to get around it some other way. We will end up blocking just as many hosts as before.

Gates' proposed system will be Microsoft patent-encumbered, unsurprisingly.

No kidding. Gates came up w/it why would you be surprised he wouldn't want to protect his idea? No conspiracy here... Was the comment necessary?

Just my worthless .02,

GPL?

[Qeygh]

According to the Info World article about Microsoft's Caller ID patents, Microsoft's license "... will encourage all parties involved to allow the Caller ID technology to develop and improve without being hindered by license restrictions or royalty schemes"; and "Microsoft wants to do more than merely give (Caller ID) away, they also want to make sure nobody else can profit from it."

Seems like a perfect application for the GPL to me. :-)

Dear Bill:

[mrpuffypants]

No.

Love, Tom.

Solves the wrong problem.

[Dominic_Mazzoni]

Charging for email doesn't discourage spam. It discourages mass email. But there are many legitimate uses of mass email, like discussion lists, automated order confirmation emails, etc. - and increasing the costs of sending this type of mail will hurt open-source developers and small businesses the most.

It's not surprising that Microsoft doesn't see the problem with this. They can afford to buy a few more mail servers to handle all of microsoft.com's outgoing mail, and they'd love it if people had to buy more servers (each running a copy of Windows, of course) just to handle all of the added computational costs of sending mail.

In the article, "Goodmail chief executive Richard Gingras said individuals might get to send a limited number for free, while mailing lists and nonprofit organizations might get price breaks." But how do you know who's a nonprofit? Someone with a .org? Yeah, right!

I believe that SPF currently has the potential to put the biggest dent in spam, since it directly addresses forged email addresses without needing to replace SMTP. It's not a complete solution, but it's a lot more realistic than Microsoft's idea.

where to begin?

[tverbeek]

Requiring people to let the sender or some third party execute instructions on the sending machine is so fraught with problems, it's hard to know where to start. Unless this software is Free, you simply can't expect everyone to install on their systems; of course MS wants them to, but hey let's be realistic here: they won't. If it's only available in binary, it would lock out anyone using an unsupported OS (or version thereof). It'd be a new security hole in the sender's machine just begging (with a big neon sign) to be exploited, and would complicate the use of firewalls, especially those using NAT. It'd have a regressive fee structure, because those with expensive, high-powered machines could afford to "spend" more CPU cycles (heck, build a beowulf cluster of discarded 486's to buy more spamming rights), while some poor sod using a Pentium/150 can hardly afford to give up any.

Fine for the rich but...

[kneecarrot]

The most explosive growth for Internet usage (including the almighty email, of course) is coming from third world nations. A penny here or there may not affect someone from the first world, but it sure would make a difference in poorer parts of the globe.

Stupid

[Sentosus]

Email needs to be free....

Spam as a tool works as per the previous articles. It is a pain just like anything else, but instead of making me pay money to use email, why not spend you high budgets with an educational compaign to stop people from buying spammed products? No money made means no motivation. Problem solved. We voted with our dollars on banner ads and look how that market fell out. Rinse and apply to spam.

Also, what happens when we are forced to move away from email because we invite Microsoft to take over and control it?

Great picture of Bill?!?

[El]

The only great picture of Bill Gates that I know of are ones of this incident

Re:Great picture of Bill?!?

[pete-classic]

False, there is also this one.

-Peter

What about large spam networks?

[Abcd1234]

How does this help in the case of spammers creating massive networks of compromised hosts which are then used to send spam in a distributed manner? Such a "pay-with-cycles" technique is useless in this case, since you can still send a *massive* amount of spam with a few million compromised computers, even if each one can only send, say, one email per hour.

Re:What about large spam networks?

[mrpuffypants]

You forget, though, that Longhorn will make security breaches in Windows a thing of the past. Once that comes out everybody will upgrade (even grandma with her P133 playing Yahoo! Bridge) and then all security problems will just go away.

whew. I can't wait for that.

Pay with cycles?

[JUSTONEMORELATTE]

Aren't most spams sent using hijacked PCs anyway?
Why wouldn't the spammer be willing to sell cycles on the zombie PCs?

Re:That proposed "stamp"

[MCZapf]

I'd rather get spam than pay Microsoft for email (indirectly, it seems, through patent licensing).

Of course you know...

[cmowire]

That charging for email means that *nobody* will be able to run a free mailing list service anymore. Or, alternatively, be just as easy to get around as the current system. Or, even better, have a new set of quirks and possibilities for abuse that would further ruin our email systems.

The problem is, the main reason why the Internet has worked and CIS, GEnie, ISDN, Teletex, etc. have all fallen by the wayside is because you pay for bandwidth, not services.

No, the problem is, there's no good way to kick somebody off of the Internet.

I already pay

[nurb432]

I pay for my internet service, I pay for my pc, my taxes ( way too much ), my electrical bill... and my time isn't free.. ( though my software is )

Why should I have to pay more just because the government refuses to enforce laws that already exist.. Remember the no fax spam laws that pre-date this 'internet thing'? They prohibited sending faxes due to the fact the receiver had to foot the bill for the 'privilege' of getting the spam, due to expenses of paper and ink.

This doesn't even touch the fact that a large percentage of spam is pornographic, and being sent to minors.. also a crime in this country....

So fact Bill is in it to profit ( go figure ) has nothing to do with my statement...I f-ing pay enough now.. And im sick of it.

And finally - Cha ching, Revolutions.

[bad+enema]

Microsoft makes peace with Spam, tells everyone to learn to live with it and love it.

Dear lord....

[Aqua+OS+X]

Could you imagine the security problems we'd have if Microsoft developed software that forced us to leave machines open to remote connections in order to "pay" for mail.

I have enough security problems with downloading email and web content onto Windows machines. God only knows what would happen if people could upload shit onto my machine without my approval.

It's a novel idea. But I wouldn't trust MS to implement it.

Re:Postage due.... Postage declined

[cmowire]

Picture somebody sending you a message in a good natured way and inviting you to respond in kind (A "I found your website interesting. Wana chat?" message)

You send back a response and attach your 1 penny stamp token.

Said person sending you an email is really a scamster. They keep the penny. Repeat a bunch of times, you've just made some money.

My system for spam.

[Captain+Rotundo]

First off requireing on supposedly time consuming math is absurd. First off it can't be too complex because it would encumber normal users and recievers (who have to check it I suppose) second spammers will develope a cheat sheet (and if Bill doesn't think so he should do a search on the web for "Microsoft Product Activation Code".

My system is beautiful and simple.

Everyone use an OpenPGP program (maybe gnuPG) to sign all their email. then recipients can easily check a public keyserver (probably would have to set up more, but ideally each large domain would have one so you can check 'keyserver.microsoft.com' for the key for an adress from microsoft.com) of course you wouldn't need to check a server for someone in your keyring, but I bet through this method anti-spam webs of trust would become very easy to protect.

This is currently standards complient, so it breaks nothing. And it allows people to decide their level of protection.... you want unsigned mail to get through more power to you. You want to see only verified email fro people YOU know, go for it. you want to accept from any one who has signed that you can get the identity of from a keyserver, sounds great.

Why don't people do this? it requires nothing more than minimal changes to mail readers, and mild diligence. once it became popular enough its very easy to eliminate all non-trusted mail (although st first you would have to slowoly build it up of course)

is this that bad of an idea?

Dear Tom:

Please remit one fully factorized 2048 bit random number.

Love, Bill.

Re:Arg.

[Yobgod+Ababua]

This article is a decent brief overview of what I was referring to: http://www.techweb.com/wire/story/TWB20031205S0009

Email postage will get abused by spammers

[DocSnyder]

As soon as email costs money, the spammers will be the last ones to pay for their crap. Even worse, the whole system begs to get abused.

• Phishing for credit cards, email accounts and passwords is very common.
• Most spam is being relayed through trojaned Wind0ze boxes, whose owners would have to pay the postage.
• Email would become a "premium rate service" similar to expensive SMS or phone numbers, with the recipient getting a small (or maybe bigger) amount of money for each received email. It won't take too long for spammers to make wormed Wind0ze boxes send them zillions of emails and lining up their pockets.

Root certificates?

[msimm]

Why not use a system based on something like root certificates, which:

A) Cost money (hopefully not break the bank).
B) Are revokable (with a review process funded by registrations?).
C) Can be used to validate the authenticity of the source (PGP style domain/user authentication should be seamlessly built into ANY new RFC).

I know I'm not the first person to suggest this, but if white/grey/black listing or filtering (which I hate) isn't enough why use a per email fee instead of just validating the from field and revoking servers that allow spam.

I bet if we did this it wouldn't be long before almost everybody signed up with a registered email service (or purchased their own certificates) only leaving illegitimate senders in the cold. Forged headers *should* be a thing of the past, we have the technology.

Anyhow, I fear at this point its going to be decided by the first large system that comes to market. Which looks like MS is really pushing to be.

Re:Arg.

[silas_moeckel]

There are a few worms running around that make windows boxes into open relays and such making it easy for spammers to avoid IP based blacklists. It would be easy enough to have those same worms do the math for the postage as they are effectivly free to the spammer.

I think the funny part would be when a spammer gets an EE on the job and comes out with a custom proc to solve said math quickly. Install as a daughter card and your golden. This would be the same aproach they took to cracking DES via brute force years ago and I beleive in under 2 days.

Either way paying for things computationaly is a loosing battle.
Paying with real money is a centraly administrated nightmare.

Now granted spamassassin seems to work just fine. There are a few spams that slip though but not that bad, granted thats a constant battle.

I would vote for fight forged from addresses first if we can have near certinty that the sender is the sender then spam laws can work.

Comment removed

[account_deleted]

Comment removed based on user account deletion

NP = New Postage?

[jfengel]

The famous thing about the NP-complete problems is that they're hard to solve, but easy to check. That's presumably what's going on here. You can parcel out a rather large traveling salesman problem. But it doesn't take me 10 seconds to check it; it takes me far less than one second, even if I didn't know the answer beforehand.

I think that's kind of neat, actually.

So Johnny Badass can't bluff his way through; his work will be checked.

There are many other problems with this technique (a problem that takes 10 seconds on a 4 GHZ Pentium takes several minutes on a still-useful P133; non-upgraded computers get treated like criminals; patent terms could suddenly turn onerous) but the idea that a computer could bluff it out isn't one of them.

Email Postage also creates new problems

[dsci]

I own a business and we get something like a fair amount of sales leads via email.

I wonder how many people would not bother contacting us to inquire about services if they had to pay for the priviledge?

Also, I exchange A LOT of emails with existing clients...working off-site makes email the prefered mechanism of communication. I already pay for Internet Access (which currently includes access to routes between mail servers); I'd sure hate to have to pay for using a particular service on the Internet that is now free.

IMO, Spam is best fought at the source. Filters like SA are great for the user end, but the demand on the wires is still there (the recipient server has to GET the spam for it to be dropped). Go after the spammers themselves. Hard. With both barrels.

(1) Make it financially unattractive to spam. This can be either by fines or by MORE user education to NOT RESPOND to the dang things.

(2) Go after them criminally. They put an arguably unethical demand on everyone's Internet; who knows how many hardware failures are accelerated by the traffic due to spam (disks, NIC's etc). I liken spammers to someone who blows up, or at least physically blocks, a bridge on a public highway.

Mailing lists

[AaronW]

I can't see how this could work. Any spam-prevention measure must also have some provision to deal with legitimate mailing lists. Some mailing lists can be quite busy and have thousands of members.

Also, Gate's method has a lot of flaws, security being only one of them. For example, how will you deal with all the various different operating systems and embedded hardware that send email? For example, my Netgear firewall box periodically sends me emails of logs or alerts.

Also, you can't easily change the way email is done because its use is so widespread.

Making it computationally based has a number of major flaws.

1. How do you deal with the wide range of computer performance? For example, my mail server is a Pentium II, which is more than adequate for my needs, or my firewall, which is a 50MHz StrongARM processor?

2. How would you allow others to use your computer to make computations? This opens up some serious security considerations, not to mention the fact that there's a wide range of processors and operating systems that would need to be supported. I won't run Seti@Home because the last time I ran it it crashed my mail server after over 200 days of uptime. I don't know what it was about Seti, but it would always immediately crash my server.

3. You would need to make everyone agree to do this. The Internet is international.

A better way would be to strongly encourage ISPs to block spammers and give them the tools to go after them. An ISP should be able to charge the hell out of a spammer on their network and encouraged to do so.

Why not give the backbones the power to cut off major spam sources and provide financial incentives to do so?

There's lots of other methods that could be used. If you make life completely miserable for spammers, they'll stop. If there's no profit, they'll stop.

If our stupid congress critters would do something right for a change, like California's anti-spam law that was blocked by the Washington idiots, then we'd have a lot more power to go after the spammers.

Re:Dear Tom:

[Stile+65]

Dear Bill,

The factors of 0x000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000002 are 1 and 2. I promise this number is completely random.

Love,

Alex

leave it be

Articles like these really make me sad.

When the Internet exploded and the joe masses came flooding in there were many rapid changes witnessed. Many of these changes were tremendously wonderful, and many weren't.

Over the years we saw the tug of war between those who think that the net is evil and must be controlled, and those who are intelligent enough to govern themselves and contribute to the common good.

There were many different attacks on our freedom, and usually we prevailed because it was obvious that proposed restrictions would damage our precious medium. But lately the anti-spam efforts begin to scare me.

I'm scared because most people hate spam. So even people who are normally freedom-fighters give a moment of pause to think, "Well, I really do hate spam, maybe I should consider this."

The answer to problems that arise within the net are never ones that limit and merely mimic our failing systems elsewhere.

I too was pulling out my hair over the explosion of advertising. I realized that it was collecting in my memories, permanently, like toxic waste being spewed at my senses.

For the most part however I have returned to serenity. I use Mozilla Firefox with the Adblock plugin, this takes care of all banners/popups. I also finally just installed spamassasin on my mail server and the hundreds of junk mailings that normally made my veins bulge are now routed behind closed doors to a junk folder.

To top it off I threw away my television. I can still enjoy the simpsons, but now it is commercial free. Caller I.D. protects me from unwanted calls. Simply lift the phone for a split second and slam it back down. And I do most of my business through the net so I can safely ignore snail mail.

The solution is already here. It is education, technology, and intellect.

[Paul Anka]
To stop those monsters 1-2-3
Here's a fresh new way that's trouble free
It's got Paul Anka's guarantee...
[Lisa]
Guarantee void in Tennessee!
[All]
Just don't look!
Just don't look!
Just don't look!
Just don't look!

I don't get it

[Coward+Anonymous]

Most spam originates from spoofed email addresses. Those emails that don't come from spoofed email addresses can be sued into oblivion.
So it is a simple matter of finding the spoofed email addresses.
This is how an email server would check inbound email:
1. receive email
2. lookup domain of sender. If does not resolve, discard.
3. lookup "domain email authority" of domain, say "authorize.yahoo.com" for senders originating at yahoo.com. No authority, discard.
4. ask authority it if the user is known and what IP address it would be sending email from.
5. Is user known and does "authorized" IP address match IP address of sender? If not, discard.

This mechanism would also make it easy to circumvent non-spoofed email addresses since the spammers would need to support the extra authorization queries. It would also force them to centralize their efforts making them an easy target for elimination.

The result: No spam, no Microsoft tax. Nothing. Only a little bit of overhead on DNS and email servers which could be eased with a little bit of caching.

Why wouldn't this work? Is there a problem with this?

Microsoft already did this about 5 years ago

[agusus]

"Instead of paying a penny, the sender would "buy" postage by devoting maybe 10 seconds of computing time to solving a math puzzle."

wait, this was already done! Last time I used Outlook to send an email, my computer churned for 10 seconds and then said "Illegal exception."

I guess this "math puzzle" [oh, so *that's* what they're calling it now] was too hard for Outlook.

Beyond that...

[jaysones]

98% of people will read this as: "So the richest man in the world wants me to pay for something I have always done for free?"

I predict his personal backing can only hurt this effort.

Re:Beyond that...

[dslbrian]

98% of people will read this as: "So the richest man in the world wants me to pay for something I have always done for free?"

I agree, this thing is dead before it ever gets out the conceptual door. Narrow-minded people look at it and think its rational, after all they think "it won't cost me much" ... but the whole concept of paying anything for email just destroys legitimate things such as mailing lists (think about kernel mailing lists, hobbiest lists, etc). It will never work across international boundaries, and if ever implemented people will simply revert to using the older free techniques. People are always looking for free or less costly methods of communication (such as VOIP), attaching a charge onto something that is free now is just stupid.

And I shudder to think of what might happen if politicians get a hold of a concept like this - "whoa, people paying money, and we are not getting our fair share of tax?!?"

I wish people would simply drop the paying for email concept. Bulk mail (bulk advertising) is not free, yet I still get way more of it stuffed into my physical mailbox than legitimate letters. Making it cost WILL NOT make it go away.

Not acceptable.

[brain1]

No I am not going to pay to send e-mail. Sorry, but Bill's proposal is not acceptable.

It is one thing to donate idle CPU time to something charitable and worthwhile, like SETI, if you wish to do so. But to allow a private corporation to freely enjoy things that cost me considerable money for, like a full time DSL connection, and the electricity to operate a PC with a 450 watt power supply 24/7, makes no sense. To require me to submit to this just so I can send e-mail is nonsense.

Other questions come to mind. If this proposed system is burdened with Microsoft patents, then exactly how will open-source or third-pary e-mail clients and servers be licensed with the Microsoft IP. Exactly what is that going to cost?

Re:Use an NP-hard problem

[Oroborus]

The problem is that algorithms to solve NP-complete problems are usually scale fairly linearly with processing power. In fact, if you're suggesting NP-Complete problems (rather than NP-Hard) then they definitely scale with processing power, so a computer which is twice as fast will take half as long to compute the result (more or less).

So two computers which are 10 years apart in age will be impossible to challenge equally. And even more disturbingly, specialized computers (think Deep Blue, or even a re-purposed graphics card) could be fairly easily constructed to demolish any NP-Complete problem.

The interesting thing about Microsoft's implementation here is that I believe they're using a challenge which is gated on something processor speed doesn't help with much. I'd trust MSR to have done this well. (Say what you will about the corporation, but MSR is top-notch).

I heard it had something to do with bus speeds, but I'd ask someone whose job security doesn't rely on not being tainted by reading others' patent applications. ;)

Attention Bill Gates

[npsimons]

You advocate a

(X) technical ( ) legislative (X) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
(X) Mailing lists and other legitimate email uses would be affected
(X) No one will be able to find the guy or collect the money
(X) It is defenseless against brute force attacks
(X) It will stop spam for two weeks and then we'll be stuck with it
(X) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
(X) Requires too much cooperation from spammers
(X) Requires immediate total cooperation from everybody at once
(X) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
(X) Lack of centrally controlling authority for email
(X) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
(X) Asshats
( ) Jurisdictional problems
(X) Unpopularity of weird new taxes
(X) Public reluctance to accept weird new forms of money
(X) Huge existing software investment in SMTP
(X) Susceptibility of protocols other than SMTP to attack
(X) Willingness of users to install OS patches received by email
(X) Armies of worm riddled broadband-connected Windows boxes
(X) Eternal arms race involved in all filtering approaches
(X) Extreme profitability of spam
(X) Joe jobs and/or identity theft
( ) Technically illiterate politicians
(X) Extreme stupidity on the part of people who do business with spammers
(X) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

(X) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
(X) Countermeasures must work if phased in gradually
(X) Sending email should be free
(X) Why should we have to trust you and your servers?
(X) Incompatiblity with open source or open source licenses
(X) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

(X) Sorry dude, but I don't think it would work.
(X) This is a stupid idea, and you're a stupid person for suggesting it.
(X) Nice try, assh0le! I'm going to find out where you live and burn your
house down!

Using computation won't work

[AaronW]

The problem with requiring computation cycles is that you need to deal with a lot of older computers. I have friends with old Pentium-based computers, some of whom cannot afford a nice new P4 system.

Also, what happens to all these web-based email accounts like Yahoo or Microsoft's Hotmail? I guess they'll need to spend a lot of money adding processing power for their users to send email.

What's to stop someone from making hardware to do the processing? It shouldn't be too difficult to implement an FPGA or an ASIC that could do the processing much faster. I imagine it wouldn't take too long for PCI boards to come out to offload the processing for large mail servers, then spammers with money could just buy the board to offload the processing.

-Aaron