Slashdot Mirror
What Happens If You Don't Pay for Goodmail?
If I could ask one serious question of anyone who was defending pay-per-email, or sitting on the fence about it, this would be it: Suppose you sent an extremely urgent e-mail to your doctor or your lawyer, who for the sake of argument you're not able to reach by phone. The recipient's ISP owner happens to see the message before the user retrieves it, and realizes how urgently you need to get it through. So he moves it to the recipient's "spam" folder, and then calls you up and says: pay me $1,000 to move it to the recipient's inbox, or they'll never see it.
Does the ISP have the right to do that? If not, why not?
Perhaps you'd say that Goodmail's 1/4-penny-per-message is reasonable, but $1,000 for one message is too much. But then who decides what is "too much"? The marketplace? Then isn't the ISP admin just another player in the market, and $1,000 is what they want to charge? If you don't like it, you can go somewh... oh, wait, you can't, because there's no other way to get through to the recipient. If you ever get through to your doctor or lawyer, they might switch ISPs after they hear what happened, but should that be your only recourse?
The problem with the ISP charging $1,000 to deliver your message is not that $1,000 is "too much", but that they're charging for a service that has already been paid for. If your doctor or lawyer pays for an e-mail address, they're doing so with the understanding that their ISP will make a reasonable effort to deliver the non-spam e-mails that people try to send them. If their ISP then turns around and asks you for $1,000 to deliver the e-mail, then they're trying to double-bill for the same service, and if they block the message because you don't pay the $1,000, then the ISP is cheating the recipient out of a service that they've already purchased. And it's not just the recipient being cheated; if the recipient has an arrangement with you, as your doctor or lawyer would, then the ISP is interfering in their business relationship with you.
Now, if an ISP using Goodmail offers to let you bypass their filters by paying 1/4 penny per message, how is that different from the doctor example? Well, on the face of it, it's different in at least two ways: first, because the ISP is charging "only" 1/4 penny per message instead of $1,000, and second, they're not saying that your mail will be blocked if you don't pay, only that it might be. But are these qualitative differences, or just differences in degree?
Take the cost-per-message. I have a (verified opt-in) mailing list of about 50,000 people that I send mail to twice a week. In the aggregate, it is just important for me to get mail out to those subscribers, as it is for some people to get a single mail through to their doctor or lawyer. Also, in the aggregate, it would cost me about $1,000 per month if the ISPs collectively asked for 1/4 penny per message and threatened to block them otherwise. So is there any real difference between requesting $1,000 to unblock 50,000 e-mails, and requesting $1,000 to unblock a single e-mail, if you're just doing it because you know the sender urgently needs to get them through? (It's not a reflection of the ISP's costs -- downloading and storing 50,000 messages at 3 K each, costs almost nothing, certainly not anything close to $1,000. And again, I would argue it's a moot point anyway, because those services have already been paid for.)
And how much difference is there, really, between saying that a message (or a group of messages) might be blocked, and saying that a message definitely will be blocked? If it's bad for your doctor's ISP to call you up and say, "Give me $1,000 or there's a 100% chance that your message doesn't get through," what if they say, "Give me $1,000 or there's a 50% chance that your message doesn't get through," isn't that at least 50% as bad? You could say that in my doctor example, the blocking was deliberate, but in the case of the spam filter, it's accidental. But if an ISP chooses not to fix problems with its spam filter, then in a way it's still deliberately creating a certain percentage of cases where the spam filter will block legitimate mail, even if those cases occur at random.
There is one more difference between Goodmail and the scenarios I've described, which is that Goodmail not only lets you bypass an ISP's spam filters, it also certifies that you are trusted and not a phisher. If an ISP like AOL controls the user-interface that a user uses to check their mail, it can display the blue-ribbon "CertifiedEmail" icon next to a Goodmail-certified message. In this case, an ISP can plausibly claim that they're letting all legitimate e-mail get through, but they're still offering a benefit to Goodmail senders. The problem with this is that since phishing only works on users who are gullible to begin with, a phish could just as easily display the CertifiedEmail icon in the body of the message to try and gain a user's trust. It's all very well to say that a user should know that the CertifiedEmail icon only "counts" when it's displayed in the inbox, not in the message itself. But a user who knows that, would probably also know that their bank's Web page is not 209.211.253.169. And besides, most users of Comcast, Cox, RoadRunner and Verizon will be using their own mail clients like Eudora which won't display the "CertifiedEmail" icon anyway.
So it seems pretty clear that the main benefit of using Goodmail will be deliverability. And that's the basic Catch-22: If an ISP gives the same deliverability to non-Goodmail-certified messages, then who's going to use it? On the other hand, if an ISP gives better deliverability to Goodmail-certified messages than to other messages (much more likely), then they are to some extent misrepresenting the services they sell to their users, since users expect an ISP to make the best effort to deliver all legitimate e-mails, not just the ones from paying senders.
Goodmail likens their service to FedEx or UPS for "enhanced delivery" of paper mail as a way of getting the recipient's attention. But the difference is that if you're trying to reach your lawyer, then the office complex where he works (or the city that maintains the streets to his house) is providing the service that he expects and has paid for, namely, allowing different companies to deliver stuff to him there -- and because you have different choices, that means FedEx, UPS and the USPS have to compete with each other, and that keeps the delivery prices down. On the other hand, if an ISP blocks you from mailing their customer unless you pay their fee, then the ISP is going against what the customer expects them to do, and it is precisely that betrayal of trust that gives the ISP a monopoly on your ability to reach the customer -- which leads to them charging monopoly-style prices, like $1,000 to receive and store a few tens of thousands of messages.
There is a lot of debate about whether "the market" would fix problems of legitimate e-mail being lost. Esther Dyson's editorial was a classic libertarian defense of the free market as the arbiter of systems like Goodmail: "If it's a good model, it will succeed and improve over time. If it's a bad model, it will fail. Why not let the customers decide?" Actually I don't think the free market does fix most e-mail deliverability problems -- I've been involved in a few business that sent bulk e-mail (to subscribers who requested it and confirmed their subscriptions), and have had conversations with dozens of others, and we've all had problems sending to Hotmail, AOL, and Yahoo, and I've never, ever heard anyone say that their deliverability problems were solved by "the market". (Usually the problems just come and go, and nobody knows why.) But in a way this is all beside the point. Even if the market would stop more egregious abuses, what gives ISPs the right to charge senders for e-mail services that their customers have already paid for?
I actually met Richard Gingras, the CEO of Goodmail, and Charles Stiles, the postmaster of AOL, at a conference in Seattle last year where they were on a panel defending against the Goodmail controversy. They seemed like nice guys who were genuinely blindsided by the criticism that Goodmail had been receiving. It's easy to see the point of view of Goodmail's defenders -- if Bob wants to pay Alice to "certify" Bob, why would it be anybody else's business? It isn't, until it leads ISPs to steer people towards a system where if you want to be treated like a non-spammer, you have to pay -- even if, strictly speaking, the recipient is already paying to receive your mail.
As for the much-vaunted free whitelisting privileges that non-Goodmail senders will continue to enjoy, in the pre-Goodmail era I once found that AOL was blocking some of my mail to their users, so I called their postmaster department and learned the following facts:
- The first person I talked to, said that he checked the logs and our mail was being blocked because we didn't have reverse DNS set up. I thought this was odd because we did have it configured, but I thanked him and hung up.
- Then, I called back and got someone different. I asked them the same question and they said that according to his logs, our mail was being blocked because someone else at our ISP was sending spam. I asked him why they were blocking our IP address, if it was different from the IP of the alleged spammer; he paused and said, "Is there anything else I can help you with?", and this repeated several times as I thought my phone or his headset wasn't working, before I realized he was just being a dork.
- Then, I called back and got yet another person, and this person said that he could see our mail was being blocked because it contained banned content. I was pretty sure that was wrong, because you get a different-looking bounce if you're sending mail that contains a banned string, but I took a note of that anyway.
- Then, I called back and got a fourth person, who said that our mail was being blocked because some of their users had flagged mail from our IP address as spam. He paused for a brief conversation in the background, then came back and added, "This has already been explained to you, sir." I said that since I had gotten four different explanations in four different phone calls, I figured I could just keep calling and tallying the votes that I got for each explanation, until one of them emerged as the winner.
Much later I found out from someone else about the AOL whitelisting program, which I'm currently trying to see if it prevents us from getting blocked. But if none of the people answering the phone at the postmaster department knew or told me about it (and I confirmed that it did exist at the time), how many other organizations or businesses don't know?
ISPs adopting Goodmail say that while Goodmail senders can bypass their spam filters, non-Goodmail senders will continue to enjoy the same deliverability rates that they have in the past. That's what I'm afraid of.
I don't get the big deal about spam. Honestly, you get more junkmail than regular mail on a daily basis, but yet there's no big call to outlaw regular postage and allow only confirmed 3rd parties to send you mail. Why the hell should e-mail be any different? If you want my opinion they should make Internet access a utility just like phone, electric and other things and regulate the piss out of ISPs so they can't start payola practices such as "send us $100 dollars or the e-mail gets it." Spam isn't a bigger deal than junkmail, it's actually less costly, so why do we care so much that we'd let them ruin e-mail?
Judges and senates have been bought for gold; Esteem and love were never to be sold.
1) Goodmail doesn't get your company's money.
2) Your spam doesn't get through
No big long overthought article required.
... it'd be a shame if somethin' happen to it. Know what I mean?"
The argument here is predicated on the ridiculous premise that can only reach you need to reach your Doctor or Lawyer urgently (not so bad so far), but you can only do so though email.
Huh? Email isn't an urgent communications medium. Furthermore Doctors and Lawyers who need to be reached urgently have secretaries and nurses who do triage. They contact the Dr/Lawyer if it's truly urgent.
AccountKiller
why high-volume isp's are signing on to this scam....
fta: At least half of the fees go to the service provider
anything to make a buck. sheesh.
Goodmail is a service for spammers to bypass spam filters for a fee. It is plain to see. By particpating, ISPs that use Goodmail have in effect become spammers themselves. Such ISPs should be avoided like the plague.
At some point, does e-mail become more cost than benefit?
The idea that I would communicate anything both important and urgent via e-mail is funny. I no longer trust the incoming e-mail, too much of it is spam. And now the efforts to deal with spam...the filtering and flagging and whatnot kill any confidence I have that the recipient will receive and read the message when I hit the send button.
"So he moves it to the recipient's "spam" folder, and then calls you up and says: pay me $1,000 to move it to the recipient's inbox, or they'll never see it.
Does the ISP have the right to do that? If not, why not?"
You don't have to use your ISP's email. Not everyone has a bevy of choices for their ISP but everyone on the Internet has plenty of e-mail options. An ISP has the right to do such a thing as far as I can tell but if they actually tried pulling a stunt like that, they'd see how quickly they can get people to jump ship on their email services. I wouldn't recommend tying your email into your ISP anyways. You don't always have the option to take your ISP-based email with you when you move or change ISPs.
And that's not even taking into account that Goodmail is a complete sham. The only people using this will be spammers with money looking to get around your spam filter.
Most ISPs I've dealt with don't offer the most robust mail clients, anyway. As a result, I usually read mail via an external POP client or have it forwarded. I currently read all my mailboxes through Gmail.
With alternate web clients and desktop options, I doubt this is as much of a lock as AOL's "we are the one true client" style aproach.
It would be interesting to correlate who gets maked as "good" versus other service's spam filters, though.
If you don't want their service, they'll spam you.
"Please, shut up. Just when I think you can't say anything more stupid, you speak again." -Archie Bunker.
What happens if you need to call 911 because of an emergency like you broke your leg or worse? While email isn't 911 it does seem to me that it more and more can and will be used when either the person is unable to use a phone or otherwise does not want to/can't reach the person any other way. The idea to pay a free email service extra to make SURE your mail gets to where it's going seems great but isn't this a silppery slope? Do we really want to start making extra paying people's mail a higher priority then others? "Oh im sorry sir that you missed your child's recital because the email notifying you about it couldn't be bothered to be fished out of the spam folder because X Y and Z clients already payed their "my mail is more important" stipend and we need to be priority to THERE mail." Are we just seeing the slow phase-out of freemail in the longrun?
I looked through a lot of quotes about life and they are all bullocks.
Yep, you are correct about the spam issue.
But the larger issue is whether your ISP can or should be filtering your email (or prioritizing it).
I have no problem with INDIVIDUAL users signing up for such a service.
But when ISP's start signing up, it breeds abuse.
This reminds me of an anecdote ... a gentleman was talking to a young lady and asked her if she would have sex with him for a million dollars. After she thought about it for a moment, she said yes. Then he asked her if she would have sex with him for $50.
"What do I look like, some kind of hooker?" she demanded.
"We've already established that," he said. "Now we're just haggling over your price."
Goodmail has established who the hookers are among the ISP community.
!#@%*)anks for hanging up the phone, dear.
I have a (verified opt-in) mailing list of about 50,000 people that I send mail to twice a week.
Bulk distribution is what RSS feeds are for. If people really want your stuff, they'll subscribe to the feed. Then the recipient is in control. I'm not impressed by people who claim that people need to receive their newsletter / e-mail spam.
This is something I have setup and have had great success with. Aside from the spam filters I get that are obvious "P3NI5" and such in the text, I have setup an auto response to anyone not whitelisted. Basically, if you are someone not on my white list and you send me a mail, it goes into a holding queue and sits for 5 days (like a spam folder but different in my setup). Any mail that goes here gets sent a auto-reply that basically ask them to send me another email with a confirmation string or the option to go to a web form and enter the email address they sent it from. This will grey-list the email and allow one from that sender through. From that point, I can see its grey-listed and choose to white list or remove from all list or blacklist. If I remove it, they have to repeat the process to get it through again.
The point in goodmail is not to charge people for guaranteed delivery, but to save you the time you'd waste talking with the technical department to figure out what went wrong, what needs to be changed, etc etc.
It's basically a fast path through that bullshit. If you don't have the time to waste on these sort of things, pay the fee, if you do, or the service costs more than you're willing to pay, do it the old way.
He tried to kill me with a forklift!
As for the strawman, you just sue your professional and their ISP. I have no doubt the ISP would get hit for actual, consequential and punative damages.
On another level, email should not be used for high-value communications without backup/acknowledgement. The internet just is _not_ reliable. Email is far less reliable than people suppose.
Free markets work, really they do Bennett. If you're paying somebody for something, you expect to Actually Receive it. If you don't, you kick out that vendor and move on to the next. Yes, there may be some pain for the first few people who discover that, but we're a connected society. Reputations are like glass. One crack and it's gone.
Don't piss off The Angry Economist
I thought the point of a certified email system was not so much that you could "be sure to get through" but that there was a real, identifiable, *sue-able* person or organization that could be sued if the email is in fact spam. Therefore, the email with that label is less likely to be spam, since it's sent by someone already on the hook for punishments if it's spam.
Goodmail is just whoring out the right to spam you, while keeping all the gain for itself. I thought that was the postal service's province?
Apology to Ubuntu forum.
I don't think the free market can solve all the world's problems, but in this case it does have a fair shot.
The dilemma presented in the writeup is that you can't get messages through to someone (your doctor, mailing list recipients, whoever) because their ISP is extorting you. The author then argues that the free market cannot respond because it is the recipient being screwed (by charging others for a service that the recipient has already paid for), but the recipient is unaware of this abuse because they can't receive the messages.
But, that last part is rather unlikely. You will still be able to contact the recipient elsehow: either by paying the silly fee at least once, or by phoning them, or using a recipient email address not linked to the ISP, or by posting something on a web-site.
Take the example of the mailing list. The author worries about the cost of sending mails to thousands of people. So, basically, your mailing-list signup could say something like "We won't send email to people on ISP X" or "We cannot guarantee delivery to ISP X... click here to find out more." If the user really wanted to sign-up to that mailing list, then they will be annoyed by this. Ultimately end-users will find out about what their ISPs are doing, and switch ISPs (or at least switch email providers).
So the recipients will be empowered to change their email provider. And I'm fairly certain this whole scheme will fail for precisely that reason. The end users (senders or receivers) don't get much of benefit from the service--certainly not a benefit commensurate to the cost. So they will not pay the fees, and the scheme will fail. (Notice that some people have called for nominal 'email costs' many times to prevent spam... such proposals never take off mainly because the users of email don't want that hassle or cost.)
I think it will be possible to vote with our wallets, and watch this little scheme die a painful death.
Suppose you made an extremely urgent phone call to your doctor or your lawyer's office, who for the sake of argument you're not able to reach by email. The receptionist happens to take your message, and realizes how urgently you need to get it through. So he moves it to the bottom of a stack of unimportant messages, and then calls you up and says: pay me $1,000 to bring it to the recipient's attention, or they'll never see it. Does the receptionist have the right to do that? If not, why not? Perhaps you'd say that Receptionist X's 1/4-penny-per-message is reasonable, but $1,000 for one message is too much. But then who decides what is "too much"? The marketplace? Then isn't the receptionist just another player in the market, and $1,000 is what they want to charge? If you don't like it, you can go somewh... oh, wait, you can't, because there's no other way to get through to the recipient. If you ever get through to your doctor or lawyer, they might switch receptionists after they hear what happened, but should that be your only recourse? The problem with the receptionist charging $1,000 to deliver your message is not that $1,000 is "too much", but that they're charging for a service that has already been paid for. If your doctor or lawyer pays for a receptionist, they're doing so with the understanding that their receptionist will make a reasonable effort to deliver the important messages that people try to leave them. If their receptionist then turns around and asks you for $1,000 to deliver the message then they're trying to double-bill for the same service, and if they block the message because you don't pay the $1,000, then the receptionist is cheating the recipient out of a service that they've already purchased. And it's not just the recipient being cheated; if the recipient has an arrangement with you, as your doctor or lawyer would, then the receptionist is interfering in their business relationship with you.
Just for fun, I think I am going to block anything that is goodmail certified. It should only affect tens of thousands of our users, but goodfun anyway. Now I just have to find a way to flag these....... and make sure the bounce says why.....
That's a horrible analogy.
If FedEx and UPS deliver packages.
It would be like FedEx/UPS if (using a US only example for simplicity)
(A) All packages were delivered by USPS only.
(B) FedEx/UPS put a person by the mailbox of everyone who used their service (or maybe everyone on every street that opted in, regardless of if the individual wanted the service or not)
(C) The FedEx/UPS agent would simply sit their until the mail man came up, and take the mail when the mail man came up.
(D) The FedEx/UPS agent would then look at each mail, and either
( D.1) Put it in the mailbox if it was from a sender that gave him/her money
( D.2) Put it in the mailbox if it wasn't from a sender that gave him/her money, but he/she felt like it (which is apparantly rare)
( D.3) Throw it in a junk box next to him/her.
(E) Go back to drinking his/her beer.
... and they are complete utter idiots/wankers. This does not even surprise me at all coming from them. While i am sure there exists some people with clue somewhere, someplace within the thing, most of the people manning the phones are ( as per past experience, numerous comments and dealing of associates, other occasions where i've kibbitzed with people having had to deal with them) :
...( silence ) ..." ...And here i am explaining to the bloke on the phone the situation, namely that we are getting "Report cards" without any kind of information as to why people are complaining, with no headers or anything at all to help us.
- Insuficciently trained to deal with admins ( where a postmaster/mail line should)
- Don't have enough knowledge about how email works oin the network
- Limited network training
- No power to do shit all to REALLY help you
- Extremely bullshitty. they don't know what they're talking about, they'll just go with whatever.
This is just like their bullshit "mail report cards" they started sending back in the days. It's condescending, badly implemented ( and hence) mostly useless. ( included original rant on that lower behind supersnip). I think the whole " pay for delivery" is a dangerous slope to get onto for networked mail. At least the Sender Policy Framework makes more sense.
Shit man, it's times like these I don't miss working abuse@some.isp
==(supersnip)==
---(start idiotic message from AOL)---
Date: Mon, 5 Apr 2004 09:04:13 -0400 (EDT)
From: postmaster@aol.com
Subject: AOL email concerns for isp-where-i-work-abuse.net
To: abuse@isp-where-i-work-abuse.net
X-Scanned-By: MIMEDefang 2.39
Dear isp-where-i-work-abuse.net,
You are receiving this message via our automated "Report Card" process (which helps analyze AOL's Internet inbound mail) because our available data indicate that isp-where-i-work-abuse has risen above the acceptable threshold for complaints:
Total number of AOL member complaints: 186
AOL takes proactive steps to contact owners of mail servers whose e-mail transmissions are impairing the functioning of AOL's proprietary e-mail system, or causing significant levels of AOL customer complaints.
AOL requests that you take immediate steps to resolve the issues identified in this AOL Report Card. In the absence of a satisfactory resolution, AOL reserves the right to take measures to protect its email network and its member goodwill from any possible damage. These measures may include declining to accept e-mail transmissions from isp-where-i-work-abuse.net through AOL's proprietary e-mail network.
AOL strives to provide the best online experience possible for our members, and we pride ourselves on being intensely focused on consumers and their needs. Email is a core feature of the AOL service, and the proper functioning of AOL's e-mail system is vital to our members' goodwill.
Please review AOL's e-mail policies and guidelines, as well as other technical details concerning e-mail on the AOL network, at http://postmaster.info.aol.com/
--(end message)--
Ooohhh, AOL's proprietary e-mail network. No information that is gonna be any use in determining WHY people are complaining at all. I guess this should not be a surprise, considering this crap is coming in from AOL! So i do the next available thing , i go to the website. Result : No information that is gonna be any use in determining WHY people are complaining at all. But there's a phone number.
Result of calling 1-888-212-5537:
*dials phone*
"The holding time for the next available consultant will be more than ten minutes."
"Thank you for calling America online
*spits water all over desk, workdesk and papers*
(musak)
(an hour later)
"Hello, this is postmaster helpdesk, can i help you?"
REP:"oh, that's because you don't currently have a feedback loop with us."
ME : "huh? but we received your repor
Peace and happyness to you, by LullySing
Sure if you're a company you're rejecting some big names but I don't think it'd be for very long if everyone did it...
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
I know that the answer is, "because this allows the ISP to make more money" but if we look at it from the perspective of what's best for users, why exactly is pay-per-message the best solution?
Instead, how about I create an anonymous identity including a public key, and I register that anonymous identity with some kind of authority, who charges a very small fee - say two or three dollars. Now I can send all the emails I want. Each email is signed with my private key and email clients can query the authority to verify that I am me. When they see that I am registered, they leave the email in the inbox.
If I start sending spam, then the people who get my email will start telling the authority, "hey, you said this guy was registered but he is spamming me" and then after some threshold, the authority would revoke my registration. Any email without a registration might be spam, and would be filtered just as we filter email today. Any email with a revoked registration is *definitely* spam and goes straight to the trash. Any email with a valid registration is definitely not spam.
From the spammer's perspective, they would have to pay $2 to register, but then they could only send 100 or so spams before they are revoked. That would get very expensive very fast.
Spammers might try to DOS someone by telling the authority, "this guy is sending me spam," and hoping to have that guy's email address revoked, but the authority will only listen to "this guy is sending me spam" messages from registered users - plus, the authority requires 100 or so notifications before revoking. So the spammer would need to pay $200 to revoke someone's key. And after they pay that $200 to revoke your key? All you have to do is pay $2 to obtain a new key.
...at least in its current form. Now, don't get me wrong, I still employ e-mail, but it's not exactly useful to me. When 90% of the e-mail I and my clients recieve is useless crap, the medium that allows that kind of pathetic signal-noise ratio is just plain not useful in my book.
I've got clients that get 10,000+ spam e-mails a day, and we're not even talking large businesses. I'm talking 1 person getting well over 10,000 pieces of useless junk per day, because they don't want to or can't change their e-mail address. The amount of money they've spent on me to try to reduce that is ludicrous, and I feel like some kind of Dick Cheney oil profiteer. They're all quite happy with every little bit of relief I can give them, but it's getting to the point where if something serious WAS done about spam e-mail (in an international/legal sense) I would lose a lot of business, and that concerns me.
Communication is important, but there are a lot less costly methods of communication out there than e-mail. E-mail damn well isn't free now, so I don't know what the "Oh no, don't charge me for e-mail!!" people are complaining about, honestly. Just ask the postmasters of AOL, Yahoo, Gmail, etc, how much they spend on spam filtering. Just ask the restaurant owner and the machinist I work for how much they've spent on my time to teach them how to use spam filtering, and finding a service provider that provides decent filtering options in their management consoles.
'nuf said.
...is a way for someone you've opted in to, to prove it. If I wanted to subscribe to a mailing list, I shouldn't send a mail to listmaster@foo.com. I should send an email to mailfilter@myisp.com with the title "whitelist listmaster@foo.com" which would create a keypair, send the private key to listmaster@foo.com and store the public key in a database on the mail server. Then when foo.com wants to send me an email, they sign it with that key, my mail server verifies it and if it's good, it bypasses the SPAM filter.
Obviously I should be able to do a few other things like "blacklist listmaster@foo.com" which would basicly be an unsubscribe which the server would record, then let the mailing list know the next time they try to deliver mail. Same thing if that token is somehow compromised (and/or shared with partners) which start sending you SPAM. That gives pretty much all the benefits of Goodmail, of course without making money for anyone so I guess it won't happen...
Live today, because you never know what tomorrow brings
This seems like an excellent place to remind people that they can opt out of much of that "paper spam". In addition to helping the environment, you're also helping to protect yourself from one vector of identity theft.
Ben Hocking
Need a professional organizer?
Rather than charging to receive the email, shouldn't ISPs be looking at a charge per email sent? If t cost 1/4 penny for me to spam 100,000 people, that's $250 per mailing, not a lot, but when you consider the bigger spammers have lists that top a million people, and if they send out 10 spams each day to each person, that's a lot of coin, and most spam houses would be bankrupt in a matter of months.
With this kind of system, it would be easy for me, joe average user to contact an ISP that sent me spam. It would be verified because it was paid for. In the ISP TOS, Spam could effectively be dealt with by saying "Spamming will get you booted." Who wants to pay to get booted from their net access? We'd be rid of email spammers quickly, but then they will just hit the forums, and myspace pages to spam us again. The difference is, it takes more time and effort to forum spam.
The only problem is logistics. How do you get every ISP to charge for sending, (not receiving) email.
I get about items of USPS mail per year at my home address. That's because I use a PMB for all of my mail, and because my home address has been submitted to the DMA (Direct Market Association) as an "opt-out" address. It costs nothing and it really works. You must send the DMA a letter every 5 years to "refresh" their database. If you don't, you will start receiving junk.
There is no similar method to opt out of unsolicited e-mail so your conclusions are flawed.
I'd been thinking that goodmail was bad until I saw that messages that used it would be specially marked in user interfaces. This completely changed my mind about it. Email whose sender is willing to pay money and have list management compliance tests to have not treated as spam is almost certainly stuff I want to delete unread, and it'll be clearly marked for me. This is a big advantage over the current situation where almost all spam is obviously spam, but list mail from legitimate companies is more difficult to eliminate at a glance. For that matter, if you actually want to see any of this email, it should be possible to whitelist the sender if you actually want to opt in.
While I applaud having bulk e-mail senders pay a penny or so each to have to send e-mail, it's not like I'm going to see that penny for reading their junk, or get an AdSense payment for clicking on their link.
Wouldn't surprise me to see the ACLU complaining that this hurts the poor, promotes child pornography, or damages Free Speech. How long before there are subsidies for those who can't afford to send e-mail otherwise?
The only advantage of making e-mail more expensive for the average user is that we'll see less of it. 10 billion Viagra spam messages sent for free through hijacked users, bot nets, and China, wouldn't be worth sending if the return per e-mail on average was less than the cost of sending them. And I wouldn't miss them for a moment!
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
How can the parent of this, and its parent both be modded to +5 Insightful, when they are opposed? I would think one is insightful and the other is not.
no comment
I came up with a similar idea to this years ago but the difference was that I thought it would be good to pay the recipient to read the email and have the ISP get a percentage. So instead of always paying Goodmail 1/4 penny, the sender could decide to pay the recipient $1 or whatever and then the ISP gets 10 cents. This seems to avoid the "extortion by the ISP" issue that was brought up too. Imagine that you could get a producer to read your script by offering to give him $100 to read it. Or pay $2000 to get Bill Gates to read your opinion about something. This sounds crass but it is no different than what lobbyists do. The main problem is that I can't really guarantee that the message was read, just opened...
There is an assumption for perfection (or as close as possible) in current email systems. They want to do the job as best they can. They are very complicated systems, and such high expectations means that they must stay active to continually maintain and improve reliability. If there is a 'good enough' level, there might not be the impetus to do as-good-as-possible, rather a good enough for non payers. At worse, it might cause intentional crap code to leak in in order to force payment for use of a system that works. Those pushing this, and many others out there, must realize that the horse is before the buggy, rather than the other way around. If there is not a drive to put out the best possible of products, I have no room for the product regardless of cost. Tieing the systems to a larger system out of the control of most (ie the financial system) is perhaps not the smartest of moves, either.
You, Sir, are part of the problem.
I don't care if you think they're "opt-in" -- if you're sending 50,000 emails twice a week, you're a spammer. You might call it a newsletter etc, but it's still mass emailing -- ie. SPAM.
I'm sure plenty of the spammers who send me email think I opted in. They're wrong -- and I won't opt out because it only confirms that my email address is valid, leading to more spam -- no, I just permanently block them. I bet plenty of your "opted in" recipients have done the same to you.
Ian Ameline
Whenever I've had double opt-in list or even paid-subscriber list mail bounced by AOL or had servers blacklisted, no explanation they have ever given me nor any instructions they have provided have proved accurate or helpful. I expect there are smart people in the middle, and cheap tech support with scripts on the edge. Probably demoralized now, too, because they're going to lose their jobs any day as AOL continues to shed operations and outsource to even cheaper, less helpful people.
By contrast, I had a problem with a mailing of 3,200 that's tied to blog postings (the list is just an exploder to double opt-in subscribers) with Yahoo, and I posted a note on my blog about it. Within hours, i had received two separate responses from people at Yahoo offering to help. I provided information they needed, they fixed the problem, and we were all done.
Freelance tech journalist for the Economist, MIT Technology Review, Macworld, and others
This is one to one transactional email. Think "Ebay auction notices" or "Bank statements". It's confidential customized email not suitable for an RSS feed.
Don't piss off The Angry Economist
I agree with the parent. I currently sort my own snail-junk-mail, and I do get around 60% spam in my smail. I can also sort through my own email, but far more effectively. Why is the impetus for email spam filtration all server-side? Why not make it consumer, software side? My email server keeps all of the spam I receive and I download it all to my computer, where my computer will then sort it and mark it as spam fairly accurately. There are huge industries for anti-virus, anti-phishing, and firewall programs, why not also for spam? Let the consumer decide what to do with their email and stop touching it. One may in fact argue that spam filtration on incoming and outgoing email is a breach of a privacy agreement you have with the ISP. Does anyone know of a legal expectation of privacy in cases like this? It is quite similar to a mail-person opening your mail and deciding if this or that letter be delivered in a timely fashion based on the content of the mail. It is my preference that I get to choose my preference as to the usefulness of the mail I receive, that same with email.
Don't be a dumb ass with your email address. I have had the same gmail account for over a year now, and I have received no spam to date.
The key is to not pick a ridiculously simple email address like your firstName@domain.com or cooldude@domain.com and pick something a little less scriptable, then on top of that, never sign up for web pages with your 'real' address. Only give it to PEOPLE that you want to contact you. Also using something like the name+filter@domain.com that Gmail offers is a great help in figuring out who does give your info away if you do receive spam.
I have a feeling that the majority of the companies that 'respect' our privacy and email addresses in reality don't give a cold hard shit about either.
crap.
This entire argument is based on the hypothetical situation where you couldn't (for sake of argument, right?) get ahold of your doctor or lawyer over the phone or any other way.
That is just a ridiculous argument to propose.
Based on that you could start naming all sorts of similar hypothetical situations: say you could only get to your doctor through your neighbor's house, shouldn't you be allowed to walk through? You could only send him a message through a McDonalds hamburger but you had no money; shouldn't you get that burger for free? You could only contact him through CNN; shouldn't you receive free ad time to deliver your message?
In the end if you put yourself in a position where the only way to deliver a critical, "absolutely positively must go through" message is through a non-guaranteed medium such as email, you may be in trouble. Just don't do that.
I previously spent many hours a week fighting spam for our company. We used multiple products which had to be constantly tuned to level out the spam detection with the false positives.
I quit fighting a few months ago. I hired someone else to fight spam for me. It is costing me less, has a very good detection percentage, and almost no false positives. IP Whitelists work good for B2B domains you are in constant contact with.
I switched to MessageLabs. There are others out there. Surfcontrol, PostINI to name a few. But I am extremely pleased with MessageLabs. I suggest if your fighting spam that you check them out. They can do companies of a few e-mail boxes up to the many thousands. They have many millions of e-mail accounts they filter for.
Would I pay for Goodmail to deliver my e-mail? 99% of the time, no. But I have mailing lists. I have been on AOL's blocklist while on their whitelist due to some idiot clicking this is SPAM because he setup his e-mail account to forward all his e-mail to his AOL account. AOL won't help. If it was under $1 per e-mail, it might cost less than the time invested to get these mailing lists out. I get paid $4-$15 a week from the member so they can receive this weekly mailing. Perhaps an AOL/Goodmail surcharge is appropriate for these folks.
Email is utterly unreliable. It is a free service that has been horribly abused, mostly because it is free. Like all free things, it is worth exactly what you are paying for it - nothing.
If you need to get a message to a doctor or lawyer, you need to use some other means than email. Fax. FedEx. Postal mail is pretty good in some places, worse than email in others.
Slapping a fee on top of email to supposedly make it reliable is a joke. It is worse than a protection racket because it doesn't work. If the recipient chooses to white-list their email and forgets to include someone important there is no recourse and no notification. The message just gets lost and it is untracable. Ooops. Sorry. And there is nothing Goodmail or anyone else can do about this. They may be able to increase the probability of mail being received but they cannot guarantee it, dispite any claims they may be making.
I just hope Goodmail tags the headers so that they have processed it.
If I pick up any mail they have touched I can see that head and give them a +3 spam score.
Who other than spammers are going to pay for this to go through?
$_="Slashdotter";$syn="OTT";s;..;;;sub _{print shift||$_};s!ash!Perl !;s=$syn=ack=i;tr+LLEd+BLAH+;_"Just Another ";_
...it seems.
On one hand, it's cool if you think about it, they just sit there and think hey, let's charge these people for something they do every day, and can't stop doing, and requires no effort from our side, and we'll get rich, rich. But thing is, if these people can do this, why on earth should we trust them they won't do even more crazy things in the future ? Why should we trust our country into their hands if they are such ignorant folks ? When will they start charging for every piece of IM message you send ?
And don't forget, you pay all this as an extra above what you pay for having internet service at all.
And what will they do with people who have their own servers ? I can only imagine, however good faith I might have, that they will block every and each "outsider" until they start paying up. For a "service" they do nothing for.
I am not a company. I am not a spammer. But I have a lot of friends and I work in a research institute. I send dozens of valid e-mails every day, and I receive multiples of that number every day (some work related, some mailing lists, and so on). Do they want to charge me ? The institute ?
This whole sh*t smells and walks like another tax. No real reason, no real cause, it's just another way of getting money out of people's pockets.
And it's natural and certain that everybody and dog - besides common people and even some among them - will back this up since they all see the easy money pouring in.
This is stupid, we shall start charging them for every breath they take since they are taking that away from our common airspace and it's just fair if they pay for the privilege.
I am putting myself to the fullest possible use, which is all I can think that any conscious entity can ever hope to do.
You get BadMail. NEXT!
I think the invisible hand of the market has its middle finger extended
--A wise old fart named SC0RN
I think comparing email to letter mail/parcel delivery misses on some key details. Most importantly IMHO, for the purpose of mail/parcel delivery, you as a person or business own your address / front door/etc - it is either actually or essentially a public space. Therefore, I as the sender can choose anyone I want to delivery my message to you, based on the price, speed, service features and the willingness of any one service to deliver to wherever you are, and I can do this on a per-message basis. With email, there is no public infrastructure the way the street in front of your house is public and you have no choice but to pay someone to receive messages for you, and they're ostensibly paying for some of the infrastructure used to handle these messages. Also, while there's enough free webmail out there that you have some choice on where to send email from, your message will always end up passing through the same set of hands for any one recipient as it is being delivered, and you can do nothing about that save try to convince them to switch providers.
Even as you read this, your pants are strangling your loins! Aaa!
This certainly isn't a general solution, but my spam problem is gone. I run my own email server off of my DSL (I have a business class DSL contract with a static IP address -- which is only $10/month more than a dynamic IP address contract which forbids running servers). I have a different email address provided to each company I do business with, and a small pool of email addresses I give to new people who express a desire to email me (with a permanent alias created once their intent is verified), all routed via my system's email alias file to my real email address which is never disclosed to anyone.
If I start getting spam on one of the aliases, I know who's responsible for providing the address. I can simply disable the alias and create a new one. While it seems like extra work, it's relatively simple once the routine is established.
> Esther Dyson's editorial was a classic libertarian defense of the free market
> as the arbiter of systems like Goodmail: "If it's a good model, it will
> succeed and improve over time. If it's a bad model, it will fail. Why not
> let the customers decide?"
If the user has to pay, "free market" pressures costs them.
Why should the user have to pay to find out it's bad? If a service is going to be offered, it should be shown to work as advertised and will be worth what's being charged. This market is only "free" to the companies that are getting users to finance their experiment.
The term "open market" is more applicable. Others could enter the market and compete. Users can stay in or go elsewhere, the former costing money and the latter costing time and effort. Coming and going makes it "open". Costing the user either way is not "free".
Yes, I know it's a "generally accepted term" (free as in speech, not beer, etc.). In this case it's explicitly misleading term, and the users deserve the chance to understand that.
"I may be synthetic, but I'm not stupid." -- Bishop 341-B
One thing I wonder about this is if Goodmail attempt to check where the mail actually originates from, like what country the sender is in.
Do they really expect that anyone outside the US is going to pay to send emails to recipients inside the US?
Couldn't this be seen as an obstacle to international trade? Can the US be sanctioned because of this?
/ The Arrow
"How lovely you are. So lovely in my straightjacket..." - Nny
I'd beg to differ. On the day of September 11th, 2001, my sister was working in Manhattan. I could NOT get through to her to find out if she was ok for obvious reasons. I sent and email since that was the only means of communication. Guess what?? She got it and responded via email to let me know she was ok.
How long will it take for spammers to add a fake Goodmail header to all of the email they send?
I've never received a snail mail letter that could give thieves the keys to my house just by opening it.
So the ISP doesn't block the email. Outlook does. Or some other email client the user is running.
The ISP is not the last word in mail filtering and the sender has no input into what the email client may be blocking or not. They are not informed in any manner. This prevents them from being able to tell the difference between a person ignoring them and blocked email.
If you rely on email you are relying on something that is fundamentally unreliable. You can never know if the recipient received your mail and intentionally ignored you or just didn't get your mail. And there are no so many ways to block email and so many indpendent parties doing so "on behalf of" the end user that you can't even assume the mail filtering is being done with the knowledge and consent of the user.
I would think that any business which accepts money from a person and then routes their email (that turns out to be spam) around spam filters would be considered a co-spammer. Wonder what the courts would think about that...
The NSA: The only part of the US government that actually listens.
Guaranteed delivery creates liability for failure to deliver. Imagine the value of a hemi truck telivision advertisement if it is preceded by a v14gr4 advertisement and followed by Nigerian millionaires needing you to exchange currency or whatever - it puts the legitimate con in the same unflattering light as real marketing. It's like having a mansion across from a trailer park. The only thing guaranteed mail will do is change the color of the spam you get, instead of obvious conmail you will get credible conmail, its still a con. Coca-cola/Disney will finally be able to compete. hurray. I don't see the point.
"Does the ISP have the right to do that? If not, why not?"
Yes as long as they are prepared to get sued in court by the recipient of said "important" email
The sender would have no real case as they have no buisness relationship or contract with the isp but the recipient would have a very strong case if the isp was intensionally ( that bit is important) blocking their clients incoming email
Can see it now, ISP blocks or holds to ransom an email, costs the recipient a multi million deal, gets sued and recipient basiclly ends up owning the ISP
Remember that Goodmail isn't charging senders to get their mail delivered. The charge is to bypass the normal processing that the receiving ISP does to all e-mail and deliver directly into the recipient's inbox. If you don't pay Goodmail to get your mail certified then it still gets delivered, it just gets handled as normal everyday mail. Now if the receiving ISP starts dumping everything not flagged by Goodmail into the spam folder automatically that'll be another matter, but my problem there would be with the ISP and not Goodmail (unless Goodmail was telling the ISP to do this, but they aren't). That problem is one I'd have to take up with the recipient, though, since I'm not a customer of their ISP. But as long as it's the receiving ISP's choice how to handle Goodmail-marked mail, Goodmail and senders can do whatever they please as far as I'm concerned.
For myself, I'm a firm supporter of the ISP's right to filter incoming e-mail however they want. I like the fact that my ISP applies some pretty effective spam filters. I also like the fact that they're unlikely to bypass that filtering just because of a Goodmail signature on messages. The only thing I demand from an ISP is that they make it clear to customers what sort of filtering they do, so customers can decide whether they agree with it or not.
Let's say that the current market for email is say 100 million folks who want to send an average of mail to ten different email addresses daily. If each message cost a quarter of a cent, that's a market of potentially $9.1 billion in a year.
Let's say the current market for ISP is 100 million subscribers, spending an average of $20/month. That's a market of only $2.4 billion.
Let's say someone who wanted to "encourage" folks to switch go a goodmail service did so buy hiring a hundred spammers at $100K annual salary (paid in cash, ofcourse). That would only cost you $10 million dollars. How much damage could a hundred dedicated spammers do in a year?
If their spam will be guaranteed to be delivered, and they choose to pay for it, what good is a spam filter on a server for?
Only 'flamers' flame!
Does slashdot hate my posts?
...my ISP's silently dropped 100% of my email since it changed its server software a few months ago.
Personally, I've thought for a while that making an E-Mail cost a penny would eliminate spam. The cost of spending a million to send out a billion E-Mails makes the fractional profit margin useless.
The company I work for sends out a weekly newsletter (about two hundred thousand messages a week), and would easily pay for each and every customer to guarantee delivery.
I organize a small outdoor volleyball group, and my invitations constantly get squashed by hotmail's spam filter. If if cost me a 1/4 penny per E-Mail, I'd gladly pay the 13 cents a week it would cost me to send out those invitations.
My inbox gets maybe 10-20 E-Mails a day here at work. My junk folder gets around 300.
SPAM as has been argued is everywhere snail mail, email, phone, even tv. Also as argued most everything but email is paied for by the spammer.
I have seen first hand working in a company with over 80,000 employees how much SPAM can really cost a company. It is literally in the millions and that is not a one time cost. You have to set up filters, maintain them or pay for someone to do it, and then employ additional people to manage the infrastructure. Now at my current company despite the cost they can afford it. My previous company was a much smaller Health Care organization with around 2,500 employees. Even there we had to spend $300,000 to get set up and then the maintenance cost. It really hurt the company to have an expense like that just to stop SPAM. We were always looking at lower cost alternatives.
I also believe that a lot of SPAM is brought on by the people themselves. Not all of it, but quite a bit. When you register at most places with you home or work email you are just asking for SPAM. I know most places may not share the information, but all it takes is one company or even just one person to sell your info to these so called marketing companies. I tend to have a SPAM email account that I use just to sign up at sites (currently Yahoo).
In any case Email SPAM to me is more of a problem than the other forms just because the cost to companies. I really do not give a shit about the ISPs as I believe if you pay for a service you should get it without additional cost, but something has to be done.
This is another net neutrality issue. It's double billing to get an advantage. It just happens to be email messages in this case, and packets in other cases.
What are you getting for the 1/4 cent per email, assuming your email is not spam? An assurance that Goodmail will not misclassify it as spam?
What are you getting for the 1/4 cent per email, assuming your email is spam? A new spamming partner?
now we need to go OSS in diesel cars
and you'd better expect a chimney fire.
Suppose you sent an extremely urgent e-mail to your doctor or your lawyer, who for the sake of argument you're not able to reach by phone.
Sorry, but I find this article hard to identify with. I don't know my doctor's email. I don't know if he has one. I don't know anyone that knows their doctor's email. If you have a medical emergency, you should be dialing 911 or heading to the hospital instead of waiting for the doctor to check his email. Maybe it's just how America works in putting you through computer menues and other people to set up appointments and other countries are different, but I'll need different examples before I can "feel" anything for this story.
Besides, how can my ISP move emails from my inbox to my junk folder or back again? They don't have access to my computer. If anything they might delete it from the server before I download it, but if they don't get to it before I do then they can't do a darn thing.
How can the parent of this, and its parent both be modded to +5 Insightful, when they are opposed? I would think one is insightful and the other is not.
I always thought the idea of the moderation system was to push trolling down to the bottom and encourage an interesting exchange of ideas. You seem to be implying that there can only be one insightful way to comment on a subject. In any debate, proponents of each side might have valid and insightful points to make. True discussion of ideas shouldn't lead to binary outcomes.
Read the EFF's Fair Use FAQ
I don't get the big deal about spam. Honestly, you get more junkmail than regular mail on a daily basis
One major difference is the effect of bulk mail on the network. With snail mail, spam is paid for by the sender and generates a profit by being delivered, subsidizing the network. While the mailman is dropping off your daily pile of credit card offers, Pottery Barn catalogs, and whatnot, he can also give you that letter from Aunt Martha.
Electronic spam, however, is completely parasitic in nature and paid for by the receiver. Delivering lots of mail increases storage, bandwidth, and administrative costs, but the sender does nothing to pay those costs.
Without junk mail, your Aunt sending you a letter would cost about as much as it does via Fed Ex. Without spam, getting an email from your Aunt would be cheaper, more convenient, and less likely to be lost in a spam filter.
Sure, economics is the key to defeating spam but this is simply an Old School Tactic shoe-horned into current technology by old school minds.
In the old school, they want to control "you" so they can reap the rewards of the value of your attention.
If we take a step back and look at the web, where it came from and how it got to where it is today, we will find;
A) The best was all born of young innovative minds. Many of which were bought by old school thinkers. (and what happens!)
AND
B) The fact that email "was" free (and delivery just happened after you pushed Send), was the leading force that pulled email (and the web along with it) into the "killer app" arena.
So what we need is a young mind to understand what the public needs in terms of economic control and then use the Internet's infinite level of granular programmability to deliver this to the consumer.
NNTP is a many-poster-small-number-of-groups architecture, and is designed to index and deliver those few groups to large numbers of people, and distribute responses from large numbers of people, hopefully saving bandwidth by aggregating all the users of a single massively multi-user machine. It still does that pretty well, but it really needs to have a fair amount of control on what groups are created. Also, it's up to sysadmins of the NNTP server that you use what feeds to carry. It really can't handle the idea of there being millions of groups, and it would be massively inefficient at delivering those to the small number of users that would typically want to see one of them, nor would it's approval mechanism work at all.
RSS is designed for an unlimited number of diverse and widespread feeds, typically with a single (or very small number of) relatively reliable poster(s) and relatively limited numbers of users. It's not particularly efficient at doing that, but generally it doesn't need to be. It's become the dominant model because it's less centralized and more aligned with the current massively distributed web architecture.
Now, *Slashdot* being an RSS feed rather than an NNTP feed is possibly quite silly, but they do it (I'm guessing) because a) not many people actually know how to deal with NNTP any more, b) the tools for RSS these days are frankly just better, and c) it's completely under their control, without worries about what some sysadmin somewhere might decide to do with its feed (modulo government sysadmins, of course :-).
If your doctor wants to use an ISP that restricts his email, that's his business. You can certainly go to another doctor, but you aren't his ISP's customer (he is), so if he's happy with an ISP that charges people to send him mail, that's his call, not yours. If the ISP wanted to only accept mail from domains that start with Q, then it could do so - your doctor might have grounds to complain, especially if they didn't inform him of it, but you certainly don't - his service, his payment, his call.
Ok, for those that don't "get" the author's example. Let's fast forward a few years - VoIP (Voice of Internet Phone Service) has become as dominant as email is today. In fact, most ISPs (your included) rolls VoIP into your Broad Band service. Let's say - $50/month, all you can surf and all you can call. But wait, the cost is so low that now everyone else has VoIP. Also, let's not forget to mention someone creates applications that allow you to Cc (and Bcc) Voicemails to multiple phones with a single click of the mouse. (These apps already exist.) So,,, given the cost advantages of this highly beneficial technology some are getting a few hundred (some thousands) Voicemails/day. (This is called - SPIT).
Now - go ahead, don't email your Doc, rather use your Docs number - Author, please continue.....
Email is not reliable form of urgent communication or appropriate for vitally important documents. It's not secure either.
Phone: If it's urgent you call someone. If you can't get through you leave a message. You have a fairly good idea wether they receive the message, but a solid idea if they actually answer the phone.
Fax: You can fax a person and that'll tell you right away if it ends up on the other side. No guarantee someone is around to check the machine, but if they are, they have your note on a piece of paper. This is good for some contracts and other important documents
Certified Mail: That's what you use for vitally important documents or FedEx, UPS or DHL.
Any company making claims that they can make someone more secure or reliable via email is great, but I'll still use traditional methods for important documents. Should I have to pay for it? I already do when I sign up with my ISP or when I sign up for a free email service. No one would offer those services if they weren't making money from them in one way or another. Those who are the most reliable and provide the best service at the best price win. If some service provider wants to have a third party come in to offer a service, fine, but the ones that don't specifically charge customers will better off and adding constraints and limits are just going to hurt your business. I think the money is better spent lobbing congress to go after spammers.http://paulbuchheit.blogspot.com/2007/06/email-bla ckmail-is-unnecessary.html
Challenge-Response systems won't work if both parties use them and haven't previously emailed each other. Not extremely likely, but the possibility increases as more and more people use these systems. The best example is a mutual friend, who passes the email address of one person on to another (e.g. a job opportunity). The two people have never corresponded via email, so neither one has the other "approved" in their system. Person A's email gets quarantined by Person B's C-R system. Person B's C-R validation email gets quarantined by Person A's C-R system. Both systems just sit there waiting on the other. With a manual check, you could override this (but you can generally override any type of spam filtering if it's halfway decent software).
Any system built-in to detect other C-R systems and try to allow their verification emails through would get exploited by spammers (just like today's NDR-imitating spams). As more and more people started using these systems, spammers would devote more resources at developing automated ways around them. I'm sure it wouldn't be too hard for some program to recognize a C-R email and just click the link in it or send another email or whatever. And that's not even considering the issues of JoeJobs and dumping your spam-filtering labor back onto others, as mentioned above.
This is currently a way to reduce spam, but it isn't the solution.
It's black magic voodoo mind control. The purpose is not to tell people what products are available. Word of mouth would suffice, or directories like the yellow pages. If I want to know about a product or service, I will look it up. I don't need a marketer telling me what to buy.
Marketing is about getting people to do something they wouldn't normally do. It's about getting people to think they want things that aren't going to fill any real need. It's about convincing people to pay more for something than they would have normally. Marketer study human psychology to learn every possible lever for motivating people.
Marketers deny all this to the public, but in private when talking amongst themselves or to clients, they are very blunt about what they do. They brainwash people into wanting things they wouldn't normally want, buying things they wouldn't normally buy, and paying more extra money than the cost of marketing itself. It is an evil, immoral practice, and people who engage in advertising, marketing and public relations are morally bankrupt.
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
[Disclosure: I work for Boxbe, a market based solution to spam]
Any market based system that puts the ISP in control has potential to leave its users high and dry. Can I trust my ISP to make decisions for me about who is a good sender and who is a bad one? I don't know. While I don't think ISPs are evil, I know they are desperate to curb spam.
Using payment as a way to ensure messages get through is a viable solution. Most filtering techniques for spam have failed. For every new spam technique anti-spam software developers stop, several new techniques pop up. The financial incentives for spammers to continue doing what they are doing is very high. Thus, the arms race continues. You might have noticed, we're losing badly against spammers.
That said, the incentives for the Goodmail system are all wrong. As mentioned above, the only people that will pay are big marketers. While this certainly cuts out true spammers (Viagra, Cialis, penny stocks, etc), it also cuts out you and me. The money collected ought to go to me, not my ISP.
The only way to get incentives aligned are to include the recipient in the payment plan. Let me set the price and get most of the money. Most ISPs would be happy to receive a cut of that as well as cut down on spam email. As Spy der Mann mentions above, the cost of protecting users against spam is very high.
Additionally, CmdrTaco raises an important issue about people who run mailing lists - would you pay $1000 to an ISP to continue running an email list? Or would you simply shut it down? Leaving the ISP in control of the white list potentially leaves a lot of people out in the cold.
If I control my white list, I wouldn't make CmdrTaco pay (unless he starts spamming me :-) ).
I want to control my white list. I want to control what comes into my inbox.
My time is valuable. If emailers waste my time, they should have to pay me, not my ISP.
Our solution currently works as a forwarding service and with Gmail. We'll be rolling out Yahoo! integration and domain level protection very soon.
Cheers,Randy Stewart
randy@boxbe.com
...stop grass roots organizations/coalitions from getting out their messages about preferred candidates. Having a free, high volume, communications medium makes it impossible for media corporations to control the dissemination of their desired content. (Desired == paid for by their customers.)
Yeah, I know it sounds a bit like tin-foil hat speak, but if you think about how corporations have taken control of all other mass-communications mediums (newspapers, telegraphs, telephones, radio, and television) over the years; why do you think that any part of the Internet will be left available for the consumer to provide essentially free content?
http://nwbagpipes.com/
It's about time the spam industry got its own asstroturfers. Microsoft and Adobe were starting to look lonely.
PS: choke.
From TFBlurb:
"if the recipient has an arrangement with you, as your doctor or lawyer would, then the ISP is interfering in their business relationship with you."
How is this not unlawful restraint of trade??
~REZ~ #43301. Who'd fake being me anyway?
I'll just send this email to my lawyer and - oops!
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
Perhaps Mozilla or any other browser could filter out any Goodmail messages? I realize that is a burden on the recipient, but if enough people did that (since the ISP's will supposedly be of no help) it could reduce the confirmed receipt of messages and make Goodmail unprofitable.
For another variation on this concept see Boxbe. They deal with email recipients directly, not with ISPs, and they share the message fees with the recipients. Seems like a better system to me.
Your god may be dead, but mine aren't!
note this down somewhere. such scams have been tried before, and all failed. Soon services and sites will be posting "if you are using goodmail featured email services, we are not responsible for your non receipt of account details email" and boom ! goodmail goes down the drain.
Read radical news here
I like the analogy, in that it's spectacularly dishonest. No one's talking about intercepting messages because they're important.
Right now, all mail has a reasonable chance of getting dropped. Spam filters often IMPROVE the chances that your messages will get through, by reducing the chances that mail servers will melt down under load and drop everything.
Goodmail's offering a service promising that particular messages aren't spam. If that works, great.
I have no problem with this, and I am absolutely disgusted by the flagrant dishonesty of the people trying to portray it as blackmail. If you don't pay, you get EXACTLY WHAT YOU ARE GETTING NOW. No skin off my nose.
My blog: http://www.seebs.net/log/ --- My iPhone/iPad app: http://www.seebs.net/seebsfrac/
How hard would it be to implement a system whereby mail is only delivered if it has a token generated by the receipient's mail server is required?
I don't know anything about mail servers so this may be a ridiculous idea...
A) Inbound mail would only be delivered if it matches 1 of 2 criteria:
1) Has a valid "permanent" token hashed from the sender's email & server seeded within a private key stored on the recipient's mail server.
2) Has a valid "1 time" token for new senders.
B) Inbound mail with a valid "1 time" token causes the server to send a message to the recipient, asking if the sender is valid.
C) If the recipient confirms the sender is valid, the mail server generates a "permanent" token based on the sender's email seeded with the recipient's private key.
This token is returned to the sender's server where it is stored as relating to the recepient's email.
D) The token would be nontransferable since it's hashed using the sender's unique email address thus "permanent" tokens could be revoked at any time by simply blocking the email address.
E) "1 time" token would be changeable by the user at any time so they can continue to use the same "1 time" token for as many new senders as they want.
Eventually the "1 time" token may get compromised by a spammer. No worries, as soon as the user gets a single spam message they know their "1 time" token has been compromised and it's time to change to a new one.
Since all valid repeat-senders have been confirmed and assigned tokens, changing the "1 time" token wouldn't invalidate the "permanent" tokens of any senders.
My thinking is that the only additional hardship on users would be to manage a "1 time" token in addition to their password. The only "cost" to implementation would be to write a few scripts for mail servers to automatically communicate tokens back and forth when a new relationship is forged and then store the token . After the first email, a valid sender's mail server would receive their permanent token to use as long as the recepient wants to get their messages. When a recipient wants to sign up for a new mailing list or trade an email address with a friend they simply have to provide their "1 time" token in addition to their email address and then let the mail servers trade info to manage the rest of the authentication.
The only "big" problem I can think of is that if you send from the same email address but use different SMTP servers or mail clients (depending on where the recipient-related outbound token is stored) then the token associated with a recipient may not be stored in the location you need it. Ie., if it's stored at the server level and I send an email from Gmail's web interface and Gmail's SMTP gets authenticated, if I later send from Thunderbird on my desktop my ISP (Comcast) forces me to use their SMTP with my account credentials but Comcast's server doesn't have the info that Gmail authenticated so it gets rejected. This probably wouldn't be an issue for corporations & mailing lists using the same servers each time, but I could see a problem for "casual" users who bounce back and forth between web interfaces and/or multiple client applications.
There are probably some other holes in my idea, so rip away...
I'm just wondering how long it will take for hackers to zombify enough computers on Goodmail using organizations to make the whole thing of enough iffy-trustworthiness - and thus remove any value offered?
A zero-day Exchange exploit can send out SPAM using a legitimate e-mail address just as easily as a fake e-mail address, I would think, and being Goodmail 'approved' this would circumvent any ISP spam filters.
ISPs are paying Goodmail a fee to vet mass e-mailers but if they can't do it (never mind the fact that Goodmail will have to rely on the IT integrity of those mass e-mailers) then for how long will ISPs use the service?
And how much trouble will the legitimate mass e-mailers be willing to go through to re-certify themselves after something that they might not have been able to prevent (like a zero-day exploit)?
I give this whole idea two years at the most before it bogs down from meaningless reliability.
I saw a presentation by the Goodmail people (or maybe it was a nearly identical competitor?). Basically, they maintain huge lists of IPs and domain names that are associated with spam, or not. More or less an RBL. This service is then contracted out to ISPs, who pay some nominal fee for spam lookups.
The fee that Goodmail charges senders goes to two places. One, it pays for Goodmail to audit them, make sure they're not spammers, and keep them on the Goodmail whitelist. The audits require continuously low complain rates, stricter-than-CAN-SPAM opt-in and opt-out practices, and so on. Secondly, Goodmail monitors their clients' spam status on other RBLs, and investigates and tries to fix the problem if they end up there. (Sometimes it's a mistake and they contact the RBL people; sometimes the machine got hacked and they contact the company.)
Furthermore, it has to be said that 1/4 cent per message really isn't that much. I'd gladly pay that much if it would eliminate spam (which it won't, but just saying). And if they jack up the price later, well, the Internet is an open place, and other configurations or protocols will come out for free.
On the other hand, you have to understand who Goodmail's clients are. They're softcore spammers. They're "confirmed opt-in" marketers, which means people that send you mail that you probably didn't want if you forget to uncheck the "please spam me" box on service agreements. And their mail will no longer be filtered by your ISP's spam filter. Blah.
I hereby place the above post in the public domain.
So I can just put 'em in my /etc/mail/access file and block the goodmail senders?
Your bulk mailing list of 50,000 anonymous subscribers (unless you assert that you have a direct personal relationship with all 50,000 people?) is qualitatively different from a private, personal communication between me and my doctor.
Email is never a good system for anonymous bulk communication. You should set up an authenticated website, RSS feed, or whatever for your 'important news'. This is vastly more efficient and less wasteful of your, mine, and all intermediaries' computing resources than email.
We run into this at $work. We're a B-to-B magazine and we have an enewsletter w/ about 10,000 opt-ins, but the thing is 3,000 of those are spread across the yahoo, aol, hotmail and gmail domains.
When we send our enewsletters (via in-house programming), the ISPs throttle it, none more harshly than Yahoo (we have about 900 Yahoo subscribers and it can take up to a day for those 900 to get delivered). Now Yahoo has a URL you can follow, and I've tried, but it's a bureaucratic roundabout that leads to nowhere (ultimately, Yahoo saying something to the effect of "improve your policies and we won't tell you what you need to do to conform to our standards").
We're moving to Yesmail, who can guarantee delivery, because our business model depends on it. I wish, though, we could change our subscription forms to deny the domains we have trouble with.
"magical clicky clicker?" Sounds like a certain commander took the brown acid.
First off, the Doctor/lawyer issue is a red herring. Private mail to your doctor/lawyer is one to one personal mail. Goodmail is all about commercial bulk mail whether one to one personalized mail or one to many mailing list mail. It is not about personal one to one mail.
The real focus of goodmail is on the legitimate business bulk mail senders like Citybank, Paypal or HP. Goodmail sells their service to these companies to assist in sending mail. If you are Citybank then paying 1/4 cent per message or $2,400 per million messages in order to have a third party deal with coordinating with the large ISPs to bypass their spam filters seems like a good deal. Do the math. Assuming a million customers and a bulk message twice a month comes to a yearly cost of $57,600. Less than half the cost of a staff person who is likely to be unable to make sure all of your mail goes through. S/he might miss an ISP blocking your mail for 2 hours which might mean that 10,000 customers did not get their monthly statement. From a business perspective it is really important that all the customers get their monthly statements and well worth the cost of $57,600 per year.
Now the 1/8 cent per message that gets passed to the ISP is a motivator for the ISP to allocate resources to make sure that the mail that is paid for gets delivered reliably. This is more important for the small or medium sized ISPs who don't have a lot of resources or motivation to throw at managing whitelists. Again do the math. If an ISP has 1000 customers and goodmail can say that on average we will pass 10 verified messages a month to each of your customers that means we will pay you $150 per year. Humm... maybe goodmail needs a sliding scale so that mail to small ISPs cost more than mail to large ISPs. Bulk mail rate of 23 cents a letter means: 1000 x 10 x 12 x ($0.23 / 2) = $13,800 per year. And the business senders still save money because they do not have to print, collate, and label the mail. This higher rate would only apply to a subset of the total recipients. Listen-up small to midsized ISPs, you should band together and start your own certified mail service. Maybe even negotiate as a group with goodmail for this higher rate.
The next logical step for goodmail is to work with the ISPs to brutally filter out non-goodmail messages that appears to come from goodmail's sending customer. So for 1/2 cent per message in addition to getting your messages past the whitelists, the participating ISPs will also filter out 95% of the phishing mail sent that appears to come from your domain. I would bet that a bank would see the additional $57,600 per year as a cheap way to get rid of 95% of the phishing attempts at participating ISPs. Does it solve the phishing problem for the bank, no it does not. You still have the 5% of messages that get through and mail to non-participating ISPs. But if 25% of your customers use ISPs who accept goodmail and reject non-goodmail, then you have cut the phishing problem by 1/4. If phishing fraud costs the bank $1,000,000 per year, that is almost a $200,000 savings. I realize this number is very optimistic. An additional argument would be that your customers will feel more trust in reading mail from the bank because most of the bogus phishing mail is never seen by the customer. I know personally I junk all mail from paypal.com without even thinking about it because I know most of it is phishing. This means that PayPal can not send me bulk mail that I might be interested in because I junk it before I even look at it.
To summarize: Goodmail is not about personal email. It is really not even about the recipient of the message or the ISPs. Goodmail is focused on the legitimate business senders who don't want to deal with whitelists and spam blocking. For a modest cost, goodmail will make sure your messages get through to every customer at ISPs that are willing split the revenue with goodmail. Having advised clients trying to send bulk mail and dealing with the spam filt
People use e-mail because they want to communicate with other people. Once an ISP makes it harder to communicate, people will stop using that ISP. End of story.
ISPs and email addresses are throw-away. I don't think it is in the best interest for ISPs to make it harder for users to have their emails reliably get to their friends. It is in their best interest to get companies to pay to make sure people see their promotions.
Think about how unusable email would be if there were no spam filters? People naturally migrate to email providers whose spam filters are at least "good enough". If their ability to send emails were not "good enough" then people would move away from it.
Ok, what about alerts? They are sent in bulk. And many of these companies could not function as competitively if every email cost them. How will putting a price on this help the user? Dealnews Fatwallet - those are great services, with great prices on great product. What about ebay alerts? Who pays for these? ebay? the auction holder? What about CraigsList? (Oh, sorry, spammers already forced to shut down their alert system. CL's response, turn on RSS - what a piece of crap! RSS bites compared to automatically having an email turn up in your inbox.)
Yes, what you're saying here is that SPAMMERS HAVE WON, and it's because simpletons can't out-think them! They've destroyed a highly valuable resource where much of its value coming from the fact it is free to feed as much information to your opt-in subscribers as they can handle. - The way it should be.
Therefore, I guess because we've turned over the keys for the kingdom to Big Business a creative solution, say one that would keep email free or put the customer in charge of who pays and who doesn't, is out of the question.
So, for all of you supporters I say - Good call - Keep up the good work and "think small" - more of the world will understand your position!
How is this not like Net Neutrality? Deciding what the consumer gets based upon the highest bidder, ignoring what the consumer wants.
There's another reason why this is a bad idea: privacy.
Why should Goodmail know who emails who, and how is this different from NSA building a database of who calls who?
Just my 2c
ummm
you find another one.....
The article brought up the analogy with package delivery: in that system, the sender chooses the delivery mechanism, and anyone can receive packages from any of the major delivery companies (FedEx, UPS, USPS, etc) without signing up beforehand or living in a "FedEx building" or what have you.
Now, like most people here probably, I have several email accounts which are forwarded through Gmail; if one email address goes down, someone can send their email to me via one of the other addresses. Except for the reliance on Gmail, this system would help prevent the sort of blackmail mentioned in the article, so long as my ISPs aren't in collusion.
There are two ways in which this could be made more like the snail-mail system.
1) Most people only have one of my email addresses, so they can't choose among them. Giving everyone you meet two or more addresses on different providers would be awkward. The surface-mail system works because people have a unique identifier which does not vary from provider to provider; since namespace issues would make it difficult to give everyone the same username@yahoo.com, username@msn.com, etc, one might replace this with a DNS-type system which would suggest alternate routes for any given email address.
2) My email aggregator is Gmail, which does its own filtering and so could hijack mail from any one of my delivery routes. Separating email-provider and email-aggregator (like when people have an offline mail program like Thunderbird set up to receive from more than one mailserver) would provide more security.
I'm not saying this is at all a good idea; I know too little to understand the consequences. But I wanted to play out the analogy.
In the US you block spam.
In Soviet Russia, spam blocks you!
I work for a major ISP. We receive SPAM emails in the tens of millions per hour. Thanks to our self-developed filters (which require two full-time developers to keep them up-to-date) and several good filter lists, we manage to block most of it.
Enter Goodmail. How should I go about implementing it, policy-wise? I couldn't possibly risk more false-positives for non-Goodmail. Our customers would rampage if we started to delete non-SPAM more often than once in a blue moon. My only option is to leave everything the way it is now, using a best effort for all customers, and deliver Goodmail even if I think it's SPAM. So it won't save me any resources, and if our filters continue to be developed with the goal of "no false positives", Goodmail will only make a difference if you send a mail that looks a lot like SPAM. In other words, I have to filter and develop anyway. Only now I'm tempted to not be too thorough and slip a growing number of false positives in, to gently push my customers to Goodmail, so I make more money and can be lazy on filters.
My second concern is this: say Goodmail becomes a major success and is widely popular. 30% of the people use it, etc. The "stamp purchase" for Goodmail would then either be build-in into your mail client, or would be automatic at your ISP. Either way, within days the spammer's BotNet client would be smart enough to purchase Goodmail stamps with *your money*, since all the necessary information is already on your computer and the process is very likely automatic with most clients/ISPs. We'd be back to square one, except now being trojaned can ruin you financially. Congratulations.
So, widespread Goodmail's effects will be:
a) ISPs are tempted to make more money AND safe resources by making the lives of non-Goodmail customers more difficult, in the name of more efficient SPAM filters
b) BotNet clients will spend whatever postage budged they can get their hands on to send Goodmail-SPAM.
Come to think of it, I should create a BotNet that sends Goodmail to me, so I get the stamp fees, or half of them, at least.
Excuse me if someone has already mentioned/asked this. . . but isn't this racketeering? Did I read this right? We have to pay for our protection or else the email may not "ever" make it to its destination? What!? If we don't pay will our email wake up in the electronic version of a bed next to a horse's bloody head?