Yahoo Revives Pay-Per-Email, With Charitable Twist

holy_calamity writes "Yahoo research have started a private beta of a scheme that resurrects the idea of charging people to send email to cut spam. Centmail users pay $0.01 for each message they send, with the money going to a charity of their choice. The hope is that the feel good effect of donating to charity will reduce the perceived cost of paying for mail and encourage mass adoption, making it possible for mail filters to build in recognition of Centmail stamps."

How Exactly Does This Fight Spam?

[eldavojohn]

Subtitle of CentMail:

Do Good. Fight Spam.

So it sounds like an 'opt-in' program for doing otherwise would be suicide by a mail provider. And since it's opt-in, I highly doubt the spammers will be doing the opting. So unless your penny is going to an anti-spam organization, how are you fighting Spam?

Also, I'm not too clear on how this would work. Wouldn't it require a certificate-like central authentication server? And wouldn't this increase in traffic just exacerbate the situation of too much traffic? Especially if all Spam starts to come with fake 'stamps.'

Re:How Exactly Does This Fight Spam?

[betterunixthanunix]

The idea is that a Centmail signature attached to a message would automatically reduce the message's spam likelihood; if enough people adopt Centmail, then receivers would be increasingly able to require a Centmail signature on mail, and killfile mail that lacks such a signature.

In theory, great. In practice, I predict it spiraling out of control as different parties try to "get in on the action" and see a chance to turn a profit instead of just giving the money to charity.

Re:How Exactly Does This Fight Spam?

[D'Sphitz]

Let them profit if they want, it sounds like a good idea to me. If I send 10 emails a day, which is probably much more than your average computer user, that's $3.00 a month. I can handle that, but a spammer who sends millions of messages a month cannot pay $10k per million messages.

It's essentially a way to guarantee to recipients of my email that it is not spam.

Also, when customers with zombiefied computers get a six figure bill from their ISP, maybe they'll spend a few bucks to get their system cleaned up and secured, which benefits everyone.

Re:How Exactly Does This Fight Spam?

[Garridan]

Problem is this: if you blindly trust Centmail, then it'll be worth it for spammers to pay to send email. Don't believe it? Check your physical mailbox.

Re:How Exactly Does This Fight Spam?

[ashtophoenix]

But what if your centmail account gets hacked and the hacker uses it to send millions of spam messages. If you credit card is on their file you will be down a $10,000. Of course you can feel good about donating that much to charity!

Re:How Exactly Does This Fight Spam?

[apoc.famine]

Spam exists for one reason and one reason only: someone, somewhere is willing to buy from spammers or otherwise to give them money.

I recently read a theory that challenged the (afaict, completely factless, unproven) idea that the advertisers make money off of spam. It's P. T. Barnum's "There's a sucker born every minute", as seen in get-rich-quick schemes, applied to spam.
 
You have two parties - advertiser, and spammer. Advertiser pays spammer $10k to send a million spams. Spammer sends those million spams. The advertiser sits around, counting his imaginary sales. But nobody shows up. A couple of days pass, he sells $1k of stuff, and is $9k in the hole due to his spamming efforts. Does he spam again? Quite possibly not.
 
But who learned from that? Only that individual advertiser. Even if each advertiser never makes money, as long as there is another sucker in line, there will be no end to spam.
 
There's nothing I've seen that indicates the individual advertisers make good money off of spam. The spammers, sure. But they're just taking money from one sucker after another.

$10 for guaranteed delivery to 1,000 users?

[ickleberry]

Now here's something both the spammers and the ISP's will love. I presume somewhere in their long-term plan is a means of getting rid of all those pesky renegades who run their own email server and don't opt into this scam

Re:$10 for guaranteed delivery to 1,000 users?

[exhilaration]

Exactly, they're trying to charge spammers for guaranteed delivery to your inbox. I prefer the Gmail model of spam management - build some incredibly good filters and eliminate 99% of all spam.

Re:$10 for guaranteed delivery to 1,000 users?

[glop]

Well, the best part for the spammers is when they don't pay the 10$ because the owners of the zombie PCs do... This objection was raised years ago already for other "payment" schemes like for instance the computation payment (you do a computation that takes a lot of CPU to sign the message. So you "paid" for your stamp).
It does not sound like a very well thought plan. Maybe the idea is that people will be more careful not to get pwned?

Re:$10 for guaranteed delivery to 1,000 users?

[prograde]

From the paper, section 3.2 http://centmail.net/centmail.pdf :

A related scenario is when a user attempts to reuse a single legitimately obtained stamp to validate a single message sent to thousands of people. This is in fact considered to be acceptable behavior from the perspective of CentMail, similar to the use of blind carbon copy (bcc) for emails.

That sounds like exactly what spammers do - send the same message to thousands of people. So, really, that's $10 for delivery of 1,000 unique messages to unlimited millions of recipients. Good deal!

Gosh.

[fuzzyfuzzyfungus]

I'm glad that goodwill and fuzzy feelings are able to cut transaction costs; because they'll be the real killer at $0.01 a pop.

I assume, because of this problem, that they'll either be billing you when your tab reaches some worthwhile value, and trusting you in the meantime, or forcing you to buy in large blocks ahead of time(which would be super annoying, goodwill or no).

How stupid....

[Darkness404]

Honestly, this is one of the stupidest things I have heard of. For one, if this is adopted it will lead to discrimination of services (as in, you are using Gmail and not our ISP's pay-mail, so your message automatically gets flagged). For another, I've found that Gmail and other webmail services are pretty good of not giving false positives, in the few years I've been using Gmail, I've gotten 3 spam messages total, none of which was a false positive and no spam e-mails in my inbox. But honestly, this is simply charging for what should be a free service to help solve a problem that doesn't exist if you use Gmail (can't say for any other mail provider because Gmail has been so good I really haven't used any other mail provider).

Oh well

[JohnHegarty]

Your post advocates a

( ) technical ( ) legislative ( ) market-based ( ) vigilante (x) charitable

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
(x) Mailing lists and other legitimate email uses would be affected
(x) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
(x) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
(x) Requires too much cooperation from spammers
(x) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
(x) Lack of centrally controlling authority for email
(x) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( ) Jurisdictional problems
(x) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
(x) Willingness of users to install OS patches received by email
(x) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
(x) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
(X) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

( X ) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
(x) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
(X) Killing them that way is not slow and painful enough Furthermore, this is what I think about you:
(X) Sorry dude, but I don't think it would work.
(X) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!

Re:Oh well

[ricotest]

You offer three points in rebuttal:

1) An increase in use of Centmail points could be flagged as suspicious

...after the fact? Or will you have an automated system that prevents the mails from being sent if they seem suspicious? Otherwise a spammer can simply do a hit and run and exhaust the user's account. Regardless of that, spammers are more likely to control a very large amount of zombie Windows boxes, sending out a small number of e-mails on each machine.

2) If a user gets hacked, he just ends up donating more money to charity

Which is wonderful and all, but doesn't really solve the problem.

3) Hackers are more likely to be interested in other aspects of the user's computer

Spammers have demonstrably took over swathes of Windows machines exclusively to send out spam. Even if they didn't, centmail offers the chance to send a mail that is practically verified as genuine, which is very rare, and worth hacking a computer for.

Re:Cost TOO MUCH!

[ctaylor]

I'd rather it was $1 per email. That might cut down on all those forwarded chain emails my relatives keep sending me.

Okay, I'll play this game.

[Ollabelle]

I'll set myself up as a charity, and have the system pull money out of my account, and put into the my other - er, the charity's - account. Now all my spam is blessed.

Please forward this

[xgr3gx]

This message is to raise money for a litte girl with cancer.
Every time someone forwards this email it's tracked, and AOL, Microsoft, Yahoo, and Disney will donate $0.01.
The more people you forward to, the more money we can raise! So please...look into your heart and just take a few seconds to forward this message to everyone in your address book.
If you choose to be a meany, and not forward this email, you will die in 5 years, and so will everyone in your family.