Pay-per-email and the "Market Myth" 295
AOL created quite a stir in February when they announced that senders would soon be able to bypass the company's junk mail filters by paying a quarter-penny per message to a company called Goodmail, which would split the revenue with AOL. EFF and MoveOn.org argued, in an open letter posted at DearAOL.com and co-signed by many groups including Peacefire, that once the big players were able to bypass AOL's mail filters for a fee, there would be less pressure on AOL to fix problems with non-paying senders being blocked, and that the quarter-penny would become a de facto "e-mail tax" for newsletter publishers if other ISPs followed suit.
At the N-TEN conference last Thursday in Seattle, I had the chance to talk to Charles Stiles, the AOL postmaster, and Richard Gingras, the CEO of Goodmail, after a panel discussion about Goodmail's system, where they clarified some issues. First, if you pay for a GoodMail stamp, your mail not only bypasses AOL's junk mail filters, it also gets displayed to the user with a blue ribbon indicating "This mail has been certified" -- which is a promise to the user that GoodMail has actually done a "background check" on the organization and found them to be a "good actor". (So it's mainly useful for banks, as a way of saying "This is not a phishing attack", and for charities, as a way of saying "We are a legitimate charity".) Stiles said that AOL will continue offering a free whitelisting program for people to bypass the filters, where anyone can apply to join the whitelist (even though this can be easily abused by spammers as well, but AOL offers it anyway because most spammers don't bother). If you're on the whitelist, you don't get the little blue "Certified Email" ribbon, but you do get past the junk mail filters.
So, what's everyone so worried about, if anyone can bypass the filters for free? Well, one problem is that this is where Hotmail used to be, before they started requiring senders to pay a fee to bypass their filters. At one time, if your newsletter was being wrongly blocked by Hotmail, you could fill out a questionnaire with some verification information, and they would add you to the whitelist, which is what we once did to get the Peacefire newsletter un-blocked. However, once Hotmail started using Bonded Sender, a third-party company that requires you to post a $2,000 bond in order to get on their whitelist, Hotmail revoked the free whitelistings that had been given out in the past. If your newsletter is being blocked by Hotmail's filters, no matter how many people vouch for you as a non-spammer, the only way to make sure you get past the filters is to pay the $2,000 to Bonded Sender. (I refused to pay the fee, and of the last seven messages that I sent to our press list, all of them got labeled by Hotmail as "Junk Mail".)
Charles from AOL seemed sincere in saying that AOL's free whitelisting won't go away. But he can't promise or guarantee anything, and someday it'll be someone else's decision. And other ISPs, most of which do not have free whitelists, will be tempted to use GoodMail as a de facto whitelist, such that senders that don't pay will have a greater chance of being blocked.
But I think there's a bigger problem underlying all of this. It's not about specific problems with GoodMail's or AOL's or Hotmail's system. The problem is that many advocates of these systems say that any flaws will get sorted out automatically by "the market" -- and in this case I think that is simply wrong. And in fact the people on Thursday's panel can't really believe it either, because one thing we all agreed on was that Bonded Sender sucks. But has the marketplace punished Hotmail for using it? Have people left in droves because non-Bonded-Sender e-mail gets blocked? No, because if they never see it getting blocked they don't know what happens. Free markets only solve problems that are actually visible to the user.
And this is why groups like EFF and Peacefire are rallying against pay-per-mail. We don't protest bad ideas. We protest bad ideas that could cause harm because by their nature, the marketplace will not kill them. Think about it: if AOL announced that they were going to start charging $100/month for dial-up, would we care? Would MoveOn send out e-mail warnings to its AOL subscribers? Would the EFF start a coalition against it? No, because users will abandon AOL over something like that, and the marketplace will kill it. But people don't abandon their provider over wrongly blocked e-mail if they don't even know it's happening. And thus pay-per-mail could become a de facto standard because it's invisible to customers.
If Microsoft released a new version of IE with huge ugly buttons that were hard to understand, would civic-minded groups and public advocates complain? No, because that problem will sort itself out through browser competition. It's when Microsoft releases features that have bad implications for user privacy and security, that civic groups and experts complain loudly -- because most people can't assess the privacy and security risks of using their browser, and so the marketplace alone won't solve that. (Microsoft knows this, of course, which is why they have sometimes released features that have bad implications for users' privacy and security, but they never made the buttons big and ugly.)
This is what I think people like Esther Dyson don't understand, when she wrote her editorial in the New York Times: Partly she wrote why she thought GoodMail was a great idea, but mainly she wrote that she didn't see why EFF and other groups were so upset, when if the idea turns out not to work, it will die in the market. "If they [AOL] don't do a good job of ensuring that customers get the mail they want, even from nonpaying senders, they will lose their customers." But that's simply not true. Hotmail subjects anyone to random blocking who doesn't pay the $2,000 Bonded Sender fee, and there's no evidence that it has caused them to lose customers.
Private companies do not have the absolute right to do whatever they want with your mail. If you sign up to receive mail from someone, and they send you an e-mail, then that e-mail is your property; if your ISP knows that the sender is almost certainly not a spammer, then they are violating the sender's and receiver's rights if they block the message. (Not First Amendment rights -- those only apply to government laws -- but rights based on contracts and implied warranties, since I think an e-mail address comes with an implied warranty that your contacts will be able to send you mail for free. So stop composing your -- yes, this means YOU -- stop composing your message saying that First Amendment rights don't apply to private companies.) EFF and other advocacy groups are working on anti-spam solutions that respect these rights, and you may agree or disagree with their proposals. But the point is that they should be commended for realizing that the marketplace will not preserve these rights "automatically".
After the N-TEN panel on Thursday, since I had sent a "communication" to Richard Gingras from Goodmail by asking him a question, I handed him a penny and reminded him that, per his agreement with AOL, he had to give half of it to them. I hope I never have to pay Goodmail anything again to get my message through, and I hope you never have to either.
ISP (Score:2)
Me too - no filters for me, please (Score:3, Interesting)
All I want is a data pipe, please. Don't filter my content, just give me a pipe with as much speed as I can pay for.
I don't use email filters because I don't trust them to not block important content. When one email address starts to attract spam, I just delete it and create a new one. I put an auto-responder on the old account that says,
Re:Me too - no filters for me, please (Score:3, Informative)
You dont. If you're running your own mailserver, just create junk aliases and simply keep them around for as long as necessary. Heck, create separate personal email aliases for everyone of your friends when you're at it, and it becomes their responsibility not to spread their access address to you around, or you'll simply junk it and make a note not to give them a new one.
In todays overly communicative world, the desireable resource is n
Market Solutions (Score:3, Interesting)
If you aren't getting emails that you aren't expecting, oh well, that's spam.
I disagree with the assertion that the market would not kill off this idea. If you aren't getting emails you expect (as has happened to me in the past) you will seek an alternative solution. If it's really important, there's this device called a telephone whereby you can actually speak with someone else in urgent situations.
Re:Market Solutions (Score:5, Insightful)
I'm on the OpenBSD-security-announce list for example: Where OpenBSD announces when they've found a security bug. I never expect an email from them, but if they send one I want it.
The problem, as they see it, is that if I didn't get an email sent by that list I'd never know. I don't know when or if it was sent. But I still want the email.
This is one of the most common uses of email. It is something spam tries to hide as. A good spam-fighting solution must be able to handle it. Sender-pays doesn't, espcially for small/free projects.
Re:Market Solutions (Score:2)
Have you considered that email lists like that might just be a bad idea in general? It seems to me that that kind of thing would be better implemented using RSS instead.
Of course, it doesn't change the fact that pay-per-email is a bad idea anyway...
Re:Market Solutions (Score:4, Informative)
As far as I can tell it would be the same info either way, so the less load on my connections is preferred.
Re:Market Solutions (Score:3, Informative)
No. For infrequent security alerts, you want to use a push technology like email: the advantages are that (a) it's everywhere (even the most stripped-down BSD server will have a basic email client), and (b) it saves bandwidth (because you don't have people's aggregators constantly probing your site for changes).
Re:Market Solutions (Score:2)
Re:Market Solutions (Score:2)
That's the difference - in the former scenario, there's an excellent chance that the user would be none the wiser, while in the latter, it's obvious that something's going on.
Re:Market Solutions (Score:3, Insightful)
Systems like this tend to creep, and creep in the very directions I don't like. Given that sender-pays this way doesn't really do that much to actually stop spam, I'd rather it wasn't used at all. (Then it can't creep.)
You are going to ask me what I think will work. I think good filtering is already working. It decreases the ROI of sending spam, and there are costs to sending it. In the meantime a good filter means I don't have to see spam. I get 120+ spam em
Re:Market Solutions (Score:2)
Re:Market Solutions (Score:3, Insightful)
Honestly, if you go with a service like aol people expect you to have your hand held. Thats what aol is doing here so i dont know why its surprising or
Re:Market Solutions (Score:3, Insightful)
Sorry that really isn't the way I want it to work.
(that was my filtering, but on criteria likely to be used elsewhere...luckily my work ISP doesn't dump anything themselves)
My home ISP is annoying enough with dumping attachments, quarantining pictures (interesting way to combat spam tho, you never hit their server for the pic to confirm receipt) but i think they let them all thru. Oddly enough my home
Re:Market Solutions (Score:3, Insightful)
Bulk -vs- Spam (Score:2)
Bulk mail plain and simple is newsletters, monthly statements, etc. This is anything sent out en-mass. It can easily be detected by large ISPs by a burst of connections in a short piece of time, or similarly formatted e-mail in sequence. Bulk is subscribed- your bank statement, your annoucement list, your flyers, etc
Re:Market Solutions (Score:2, Insightful)
I work with a clinic that does email notifications of appointments, and when someone signs up for our email and doesn't get their reminder, it's never their fault for forgetting to whitelist us, it's always our fault for typing in their address wrong or forgetting to write them their email.
Fortunately, when people are barfing all over the floor or their baby's got a fever of 105, they don't get so pissy when you tell them t
Re:Market Solutions (Score:5, Insightful)
The users just don't understand that their ISP is hiding their email from them. For whatever reason, they are convinced their email is just fine, it's got to be a problem with the list.
Re:Market Solutions (Score:5, Insightful)
If enough people do that, well that's a market solution.
Re:Market Solutions (Score:4, Insightful)
A lot of the time legitimate email is unexpected.. sales and support queries for example. And their replies... if an aol customer sends you a sales query and aol blocks the reply it has cost *you* money as you have lost a customer. AOL user thinks you didn't bother replying and buys from someone else. It's worse with support - AOL user things you can't be bothered replying, tells all is friends that you suck because you never reply to support queries and you lose multiple potential customers. None of this hurts AOL - the market does *not* kill it off.
Re:Market Solutions (Score:2, Funny)
Yeah, it's called "VoIP" I hear.
Re:Market Solutions (Score:2)
Also, in the case of listservs and such, if I sign up for a newsletter, and then forget later that I have, when none of the messages have reached me, I won't know that I should have been expecting them until I remember later. I should, however, have expected the service provider to deliver them to my inbox.
Re:Market Solutions (Score:2)
Re:Market Solutions (Score:2)
Umm, wouldn't the failure of getting emails that are not expected be considered spam protection instead? I mean, if you're not expecting an email, and you're not getting it, that seems to me like you've got good filterng setup, or at least have a good whitelist.
I call BS, not all legit mail is expected (Score:3, Insightful)
From my own personal experience, I recieved unexpected email in 2002 from my father whom I had not heard from in almost 12 years.... I'm kinda a little happy that "the market" wasnt the arbitrating factor if I recieved that mail or not
Re:Market Solutions (Score:2)
If it's really important, there's this device called a telephone whereby you can actually speak with someone else in urgent situations.
The first thing that popped in my head was the scene from Terminator 3 where the evil terminator is making modem sounds over a cell phone to get at data in a remote system. Telephones may work for simple messages, but anything more complex such as files just doesn't make the transition.
Re:Market Solutions (Score:3, Insightful)
But I will belabor the wastefulness of trying to use a phone as a substitute for e-mail. Say my organization wants to announce an event. Instead of using e-mail (and ignoring cases where I have an e-mail address but not a phone number), I have to spend days calling people up, determining whether they're intere
Re:Market Solutions (Score:2, Funny)
Re:Market Solutions (Score:2)
If you can connect to the mail server over the network and fail to receive email you are expecting, especially if you know through another channel that you should have that email (e.g. telling a professor you emailed a project but he didn't receive it), I don't think the network cable is to blame.
It will affect us more than them (Score:3, Interesting)
Re:It will affect us more than them (Score:2)
I have to pay a "verisign tax" to get a CERT that will validate with the pre-installed roots distributed with IE and FIREFOX etc.
I cannot simply self sign.
In the case of this email,
I will not be able to get the blue ribbon without paying an "aol tax" to get their solution du jour.
Re:It will affect us more than them (Score:3, Interesting)
Agai
Was there a story? (Score:2, Funny)
New heights of disingenuousness from Peacefire! (Score:2, Interesting)
The author complains that his organization is unwilling to pay $2000 to send bulk mail past Hotmail's filters, and then complains that it is a violation of the sender's and receiver's rights to block the resulting mail as junk mail, basing this on an implied contract with the receiver. That reaches new heights of disingenuousness.
First, it ignores the possibility of the recipient creating a new account somewhere else. If AOL gives peopl
Re:New heights of disingenuousness from Peacefire! (Score:2)
If your mother sends you an email saying your dad's in the hospital and you don't get it because it was sent from a hospital computer instead of their usual account, you're going to rush right out and get a new account so you can get this email? Or are you going to live your life blissfully unaware of the fact that important messages are being dropped on the floor?
Re:New heights of disingenuousness from Peacefire! (Score:2)
Re:New heights of disingenuousness from Peacefire! (Score:2)
AOL == Internet (For AOLers) (Score:2)
Any AOL customer that does is essentially an extreme outlier.
Second, it claims an implicit contract which is not present.
That contract is present. Very, very, very much so.
It all goes back to what AOL actually is to the end customer. AOL isn't just their ISP. AOL, quite literally is the internet. For the vast majority of AOL's customers, there is no distinction between the concept of "The internet" and "AOL". To suggest
Re:AOL == Internet (For AOLers) (Score:2)
There's no implicit contract, because, as I said in my original posting:
[e
Re:AOL == Internet (For AOLers) (Score:2)
Re:New heights of disingenuousness from Peacefire! (Score:2)
Your assuming that people even want to have multiple email accounts. I will make the assumption that the majority of Inernet users have at most, two accounts. One provided by thier business and possibly one provided thier ISP, free account service, etc, for personal email.
I think t
AOL is free? (Score:2)
Re:New heights of disingenuousness from Peacefire! (Score:2)
Private companies do not have the absolute right to do whatever they want with your mail. If you sign up to receive mail from someone, and they send you an e-mail, then that e-mail is your property; if your ISP knows that the sender is almost certainly not a spammer, then they are violating the sender's and receiver's rights if they block the message
I have signed up for things (and bought items from online shops) and have forgotten to check the "no
Two dots not connected (Score:5, Insightful)
The connection not made is that there is another reason it would become a de facto tax. I work for a nonprofit organization. If an AOL user knows that organizations and companies who have become certified get a blue ribbon, and we don't pay up, then the customer's question becomes this:
Why don't you have a blue ribbon, too?
That hurts us. And it's yet another reason this amounts to extortion.
Re:Two dots not connected (Score:2)
Defining customers not leaving Hotmail because they can't get email from Bennett Haselton as
Re: (Score:2)
Phew the junk will be marked (Score:3, Insightful)
Thoughts (Score:2, Insightful)
- Spammers copy and paste the blue ribbon into their spam templates in 1/100th of the time it took Goodmail to come up with and implement it.
- Spammers sign up for Goodmail to send some of their spam out, in quantities that will allow the cost to be worth it. The spam folder in your e-mail just became worthless.
- I refuse to use Goodmail, and my legitimate e-mails start ending up in Spam. I encourage users of services that do this to switch to "a better e-mail service with b
Re:Thoughts (Score:2)
And spammers can hide behind legitimacy real easily... I've seen some that had all the (fake) references, 'opt in' policies, the works... and they still spammed mercilessly.
Re:Thoughts (Score:3, Informative)
Re:Thoughts (Score:3, Informative)
Unlikely. The way Goodmail works is every outgoing message talks to their servers to get a token to put in the message, and every incoming message is validated by asking their servers about the token. Each token is unique, tied to a specific message, etc (it is domain keys, but Goodmail servers have the public and private keys). I think there are real issues with scal
It won't work! (Score:2)
Over the years, I became bored with Yahoo since they could not offer their Launchcast service on anything other than Internet Explorer and Windows. I dumped them in and now GMAIL is the answer.
The point is, there are many providers willing to provide email sevices for "free". If a provider "fools arr
Hotmail, do they really? (Score:4, Interesting)
Do they actually block the email, or do they just send it to your junk mail folder? I am on numerous email lists, and I find it hard to believe that any of them would have coughed up the $2k to avoid getting blocked. Those emails all go to my junk mail folder by default (I have my in box set up with a white list), which is right where I want them to go. They sit in there for 7 days for my review and get deleted on their own, no need for me to hold tri-mag build questions or Microsoft news letters for more then a one time read. So if the "blocking" is just getting sent to the junk mail folder, I say who cares.
On the other hand, allowing a company to stick their emails in my in box against my wishes (like some MS and Hotmail newsletters) really annoys me. It bothers me in the same way a two tier internet bothers me. It takes away the level playing field and turns the system itself into a capitalist entity.
But I do like the idea of a certified white list and verified emails. Anything to cut down on the number of phishing emails and exploitation of the uneducated computer using masses.
-Rick
Find a solution, another problem pops up (Score:2)
Massive spammers should be punished, but the problem is that once they are gone, another spammer moves in to take their place. People should know better about responding to spam mail, phishing attacks and the like...but unfortunately, there will always be people who don't.
The market doesn't solve all... (Score:2, Redundant)
Maybe (Score:2)
Re:The market doesn't solve all... (Score:2)
Now, you might want to propose "Well, let's have politics solve problems that it solves best, and markets solve problems that they solve best". That's a great idea. How do you tell when politics is solving a problem better? Politicians don't go bankrupt, because it's *your* money they're spending, and you never run out of money (from
E-Mail protocol needs to be redesigned (Score:2, Insightful)
They should have the domain registrars hand out domain certificates with which e-mail communication has to be signed. In which case domain spoofing will be impossible and you could create domain block lists that work.
Re:E-Mail protocol needs to be redesigned (Score:3, Interesting)
Mass senders have to MAKE users aware of issue (Score:2)
There should be well-known list of providers (like Hotmail) that use this practice. Then there should be a standard page that can be freely used by anyone who offers a mailing-list subscription. What this page does is exa
There is a precedent (Score:2)
Currently the costs are carried by the email reciever, but there is no indication as to what it costs the reciever and there is no charge back mechanism. Th
I've got a solution for spam (Score:2)
People are forgetting... (Score:3, Insightful)
Re:People are forgetting... (Score:2)
Re:People are forgetting... (Score:2)
No, we aren't (Score:3, Interesting)
OTOH, I send and receive a lot of legitimate email. I pay for this when I pay for my connectivity. I shouldn't have to pay agin.
Now if you let *me* decide how much a spammer has to pay me before s/he
Narrow View (Score:2)
Pay per email fails basic economic tests (Score:2)
Story Date: Feb 28, 2006 10:56 PM
Subject: Proof that "Sender Pays" will not stop spam even one little bit
Category: Geek Stuff
For those who don't know, the idea of "Sender Pays" is to make the cost of sending an email slightly higher than zero for bulk emails -- some say for everyone. Say a penny a message or less. AOL and YAHOO are talking about using this method for public bulk mailing lists. While neither is saying they'd charge users directly, the idea is that if bulk
Time for an ego adjustment (Score:2, Funny)
and
Re:Time for an ego adjustment (Score:2)
The most important question wasn't answered. (Score:3, Insightful)
The problem wasn't that your customers are receiving advertisements that weren't blessed by AOL -- it's that they were receiving too much junk mail -- PERIOD. Your clientele are already paying AOL their hard-earned money for connectivity, how does stuffing their $INBOX full of junk mail help them?
Wasn't this one of the things your customers originally whinged about a few years ago?
The good news is that the market will address this issue and correct itself.
Transport vs Content (Score:5, Insightful)
This isn't to say that content can't or shouldn't be 'regulated'. There are situations where this is clearly desireable, however, the providers themselves should not be allowed make those decisions.
Living in a time when communications is so widespread, not only amplifies it's effect, it also makes it's antagonists more desperate. Governments, corporations and numerous other groups have repeatedly demonstrated their intolerance of open communications. Combine this with the temptation to profit by creating classes of service within the transport system and you have an ugly mix.
Classes of service are a de facto process of discrimination. Build the features to support classes of service for profit, and their use for information suppression will not be far behind.
Do you really want AOL or News Corp deciding what contetn is fit for your consumption?
They don't get it. (Score:2, Insightful)
The example given that you might not get some important email that announces some security issue is bogus. If you are expecting to get your security announcements through *AOL*, you get what you deserve. AOL's service level agreement with its customers basically says that if we're unavailable, we won't charge you for that time, you have no oth
Re: (Score:2)
Re:No-one's listening to you, Bennett. (Score:3, Funny)
SpamShare (Score:2)
Bulk email would be sent only to very high "welcome rate" recipients. And actual spam getting through would help pay its own cost. Why should AOL get all the profit off the spam it loads into your life?
My experiences with email sending.. (Score:3, Informative)
Here are the places to start:
Free Certification
AOL: http://postmaster.aol.com/whitelist/ [aol.com]
Yahoo: http://add.yahoo.com/fast/help/us/mail/cgi_bulkma
Verizon: http://www2.verizon.net/micro/whitelist/request_f
Reporting
Spamcop: http://www.spamcop.net/w3m?action=ispsignupform [spamcop.net]
Hotmail: http://postmaster.msn.com/snds/ [msn.com]
Senderbase: http://www.senderbase.org/ [senderbase.org]
Email Signing
SPF: http://www.openspf.org/ [openspf.org]
DomainKeys: http://domainkeys.sourceforge.net/ [sourceforge.net]
Paid Certification
Bonded Sender: http://www.bondedsender.com/ [bondedsender.com]
Habeas: http://www.habeas.com/ [habeas.com]
Goodmail: http://www.goodmailsystems.com/ [goodmailsystems.com]
A lot of providers outside the US have many of their own rules and regulations to follow, which makes it quite difficult to achieve deliverability. At the end of the day, we try to follow all the rules that have been laid out from existing companies and then deal with individual providers on a needs basis. The more users that use that ISP, the more we are willing to obey their individual rules.
Unfortunately, I see paid certification becoming the way of the future. If I can pay to guarantee to have my clients email delivered rather then negotiate with ISPs every other week based on their varying criteria, I'm pretty sure my company will pay for it. I don't like it, but results are the bottom line.
Reliable Email (Score:2)
The big problem with the whole concept of "pay" e-mail is figuring out who to pay. All the folks who carry the message are already being paid (by both the ISP and the consumer). Where should the money go? Maybe it should go to the receipient of the e
Perfect solution in an inperfect world (Score:2)
I have to say that using yahoo e-mail I rarely get large ammounts of SPAM that makes it past their spam filter. And it has been a really Long time since something was mistakenly put in the SPAM folder.
Bad analysis (Score:2)
Of course they find out about these things.
On this market myth (Score:2)
I don't agree. (Score:3, Informative)
Yes, I said it, the legiatamate mass mailers are part of the problem.
What would you say if a corporation started one of the following as business practoces:
A) Because of the high crime rate among conveience stores, all clerks will be issued guns and told to point them at the customer at all times.
B) Our salesman will run up to you, whip out a bottle of perfume point it at you and say PAY ME $25!
C) When you arrive at our gas car wash, masked men will remove you from your car, get in, and drive it into the carwash.
Customers would object to this. They have the right to object to this. The problem is that the activities being proposed, while they may be legal, APPEAR illegal. It is both stupid and irresponsible for businesses to engage in activities that are that close to being illegal.
It is the responsibility of the legitamate mass-emailers to distinguish themselves from spam. If they can't do this, then they should not be engaging in mass-emailing at all. If you can't convince hotmail that you are not spam, then you have an unethical business model.
Yes, this may force people to STOP using mass-email. There is no right to use it. Yes, you may like it, but it is argueable about ANY of it being 'legitamate', and it is up to you to find a way to prove you are legitamate, not up to the email service suppliers to prove you are not legiatamate.
There are lots of ways to deal with sending out large amounts of data daily. Message boards work fine. The g-d d-mned adware junk could also be converted to legitamate use, downloading your message once/day instead of via email.
If you can't clean up your act so your so called legitamate email is indistinguishable from spam, then you business model deserves to go down in flames.
Email was not a "late night hack" (Score:3, Informative)
look it up if you don't believe me.
You insinuate that hardly any work at all went into the creation of email. This says otherwise [livinginternet.com].
Re:Email was not a "late night hack" (Score:2)
This even says so [livinginternet.com].
Maybe you should read it.
Where is the "quick hack" part? (Score:3, Informative)
Maybe you should read it.
I did. Where does it say anything about email being a quick hack? I assume you're referring to this bit:
Re:Email was not a "late night hack" (Score:3, Interesting)
--dave
Re:the real problem (Score:4, Interesting)
Well, the reason mail is the way it became is that a few universities, defense contractors, and government organizations needed to communicate, and given the reliability of network equipment of the time, open relays were a necessity to ensure that email got through. The reason that something along the lines of SPF didn't come into play from the beginning is multifold; DNS wasn't around (hosts were maintained in host files at each site), every organization on ARPANET was 100% trusted, and there was no incentive to forge emails nor to do what we now call "spamming" - in fact the few early advertisements which went out in targeted emails were heavily criticized.
When ARPANET became the Internet and DNS came into being due to the volume of hosts going online, open relays were still the standard, not due to network reliability (which had significantly improved) but due to legacy support. To maintain backwards compatibility SMTP stayed pretty much as-is from day one, and with the harsh criticisms that followed early email advertisemtns from trusted organizations, no one really anticipated a number of things:
- Internet access becoming a commodity (Quantum Link and Compuserve were just coming into their own then, and dial-up to proprietary online services was the wave of the future beyond private BBSes)
- Everyone having multiple, multiple email addresses
- Commercial entities abusing the network
In hindsight it was quite obvious that things like SPF would be required but given the Internet's early history (and computer networking in general) it's clear why they didn't think of security and sender verification when first implementing an email solution.
What AOL, Hotmail, and others SHOULD do is not use that GoodMail crap (it's not good sense to do that!) but to make SPF required rather than optional. If you want to send email to AOL recipients, on your authoritative servers, you must list which hosts are actually allowed to send emails from your domain via an SPF record, and all emails from your host not meeting the SPF rules will be regarded as spam and not even make it to the receiver's inbox.
This puts the onus totally on the senders. Want your mailing lists to make it through to the receiver? Make sure your listserver is listed in your SPF rules.
This is why SPF was proposed in the first place; to overcome issues arising from legacy support, to work around open relay-originating spam without having to block legitimate email from open relays, and to avoid the need for whitelisting.
Want to learn more about SPF? Check out http://www.openspf.org/ [openspf.org]
Posting this reminds me: I need to update our SPF records. Oops!
Re:the real problem (Score:3, Interesting)
We can trivially solve 99% of the spam problem by the following measures:
remove the underscores (Score:2)
If you do that, you have paid a price to send me email. Anybody have a problem with that? So why is it wrong when Goodmail customers pay AOL to send them email?
Re:remove the underscores (Score:2)
Re:Email taxes (Score:2)
GP: ...over some random encrypted port...
P: ...traffic on port 25...
It is rather easy to set up servers to run on nonstandard ports. I could see many people doing this as a way to bypass a "tax firewall" if it ever got that far.
Re:Real mail (Score:4, Insightful)
That is a great analogy but I'm not sure your conclusions are right. As the price has went UP over the last 15 or so years I have noticed that the concentration of legitimate letter mail I get has went down. Bulk advertising or 'Spam' mail has actually increased in percentage. Individuals and companies I actually do business with have started using email rather than pay high postage rates. Many companies offer incentives so you can get your bills deliverd in email format.
If postage and paper was free we might get significantly more advertising, but we also might see more people drop a card in the mail once in a while with a written note. Cost is a significant factor for me in wanting to pay bills online and send email to friends rather than written notes.
The USPS has done exactly what AOL is trying to do. They have catered to big business that can see an ROI on their investment. Everyone else that sends letters 'First Class' and isn't trying to spam postal patrons gets screwed.
Re:Real mail (Score:3, Funny)
Sure, but in that hypothetical situation, the junk mailers' boxes would be full, too. As it is I use those postage paid envelopes to return all sorts of interesting stuff. Usually I just return the contents of the original envelope, but sometimes I pick up random junk off my desk that will fit in there. Used kleenex, shredded paper, page from a playboy, etc. I figure eventually they'll figure out that I don't ever want to hear from them again. If they don't figure it out, I get more free entertainment. Yes,
Re:Real mail (Score:3, Insightful)
You mean: commercial email (Score:2, Interesting)
Re:I wonder (Score:4, Informative)
Yes. Certified Email only bypasses site filters; not an individual's filters.
Re:Bennett Haselton? (Score:2)
He's too busy trying to take away my right to configure MY internet connection to update that site.
I see I touched a nerve on somone,though. I was moderated flamebait.. Wonder if Bennett is reading...
Re:Not even an externality (Score:2)
Yes, absolutely. Economics 101: one of the assumptions of the free market model is perfect information access on the demand side. Government 101: One of the assumptions of the true democracy is perfect information access on the voter side. Lucky for us, our economy is not a perfect free marke
Re:Not even an externality (Score:2)
Re:Not even an externality (Score:2)
Anyways, in the interest of information (which I've been told wants to be free), here is the "forbidd