Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Spam

Another Whack at Spam 282

Posted by CmdrTaco from the problems-that-won't-be-solved-until-2006 dept.
mmoncur writes "Tim Bray just put up an article called Another Whack at Spam that has been getting some attention. It just looks like a variation of the old pay to send idea to me."
This discussion has been archived. No new comments can be posted.

Another Whack at Spam More

Another Whack at Spam

Comments Filter:
  • Should've been "Another Scam at Work"
  • I looked at the article, and I still don't see how payments would even work. I have to send a few emails a day -- so I'm paying pennies per day? That's ridiculous. Plus, there's already all this software that sends and receives email for free... it's all going to have to change. It's a herculean effort, and will still result in spam -- regular mail costs a ton in comparison, and I still get junk mail in there. Perhaps filters plus busting bad offenders will eventually make a good difference... just taking my name off of lists has helped me a great deal.
    • You don't get it. You wouldn't have to "change your email software" - you'd simply change the SMTP server you're sending your email through. You'd send it through this "pay" server, instead of your normal server. The pay server would recognize you every time you send an email through them, and automatically debit your (pre-arranged, pre-paid, or credit-connected) account. Your email client wouldn't have to do anything. The "pay" part happens on the server.
      • Actually, Yes, I do get it. EVERY SMTP server would have to be changed... is that realistic? I don't think that it is... especially since all the spammers I know own SMTP servers. In fact, they report great revenue streams by owning several SMTP boxes and spamming people, hence the reason there is so much spam.
        • No, "every" SMTP server would NOT have to be changed. You'd simply point your mail client to one of the (huge) new ones that uses this model. As the article noted, they would probably be run by the Post Office, courier services, or maybe even telcos. You'd use one of their giganto-STMP servers, instead of your ISP's piddly local one.

          Incoming mail from an SMTP server that is not one of these authenticating-and-billing ones would be subject to the scrutiny of your Bayesian filter, which could have its thr

    • The big problem with any pay-per-send idea is spam economics. Somehow everyone believes that paying a poultry sum will scare spammers off, despite ongoing problems with spam calls, snail mail, SMSs, and the like. Charging money won't take away the spam.

      • You're missing the economics point - the reason big spammers spam is to make money, and the reason little spammers spam is that they think they can M4k3 M0n3y F4$$T using spamware than the big boys sell them. (By definition, big spammers make money or they wouldn't stay big....) The reason they make money is that the cost of spam is so low that the probability that an individual email hooks a customer can be very very low and they'll still make a profit. If one message per million gets you a $100 V14gr4
    • I have to send a few emails a day -- so I'm paying pennies per day? That's ridiculous. Plus, there's already all this software that sends and receives email for free... it's all going to have to change.

      How about this: The recepient indicates whether or not the sender should pay $0.01.

      Regular folk will take ages to spend $1 (spiteful receipients, etc), and spammers will have to pay $0.01 for each message.
    • Bray appears to be going over the same territory that's been explored before, without the benefit of reading the previous analysis, so he's reinventing the hexagonal wheel when other people have already figured out that round wheels with axles work better. There are a variety of ways to build services like this, ranging from central-planners imposing artificial costs on senders to recipients charging for their attention using popular payment services. Bray's closer to the central-planning end of the spec

  • SPAM filter (Score:5, Insightful)

    by Anonymous Coward on Tuesday October 14, 2003 @07:07AM (#7207375)
    The only viable solution to spam using the current infrastructure is learning algorithms such as Bayesian spam filters. (Would be interesting to see if similar techniques could be used to beat such spam filters and get spam through..)

    Trying to get everyone to change from SMTP to something else just isn't going to work. There is too much for an instant change. This principle is basically why we're still using IPv4.

    • Re:SPAM filter (Score:3, Insightful)

      by Sheetrock ( 152993 )
      The change from SMTP to something else is probably the only thing that will work, in my opinion. Every other proposed option is a kludgy workaround.

      Bayesian filters work pretty well, but there is still a cost being borne by every system that must transfer the mail that's just being thrown away. Pay-to-play e-mail punishes everybody. SPEWS and similar are error prone as SomethingAwful have demonstrated and are reactive, not proactive.

      We've got a greater need for SMTPng than IPng. I'm pretty sure that

      • Here's my blog reply to Tim Bray:
        Tim Bray proposes [tbray.org] having people pay 1 cent per email. It's not much, but it would make some many non-profit email lists unworkable. Most other proposals like this charge only for the first email from an unknown sender, and usually a lot more than one cent. This does require the recipient (perhaps at the ISP level) keeping track of who is already authorized to send free mail.

        There are actually quite a few workable schemes for preventing spam. Tim Bray is right that any

  • Uh.... no! (Score:3, Interesting)

    by TopShelf ( 92521 ) * on Tuesday October 14, 2003 @07:09AM (#7207382) Homepage Journal
    It sends email from anybody to anybody for 1 ($0.01) each. You open an account with them, drop in say $10 and you've bought the rights to send 1,000 emails.

    Even though a penny an email sounds innocuous, this just won't fly. For one thing, the infrastructure you'd need to track the financial side of things would probably prevent the figure from being that low. Plus there's the whole loss-of-anonymity that goes along with paying for email rights. The biggest problem is that while this service might appeal to those on the receiving end of email, I can't see a wide market wanting to sign up as senders...

    • Convert that .01! (Score:3, Interesting)

      by Angram ( 517383 )
      I think the bigger problem is the lack of consideration for currency exchange rates. $0.01 in many third-world nations is more than a family would spend on food for the day. In England, it's only a fraction of a pence. Wouldn't this just drive spammers to wealthy nations and prevent poorer ones from interacting at all?
    • Even though a penny an email sounds innocuous, this just won't fly. For one thing, the infrastructure you'd need to track the financial side of things would probably prevent the figure from being that low. Plus there's the whole loss-of-anonymity that goes along with paying for email rights. The biggest problem is that while this service might appeal to those on the receiving end of email, I can't see a wide market wanting to sign up as senders...

      Agree.

      My pet idea is that the general principle is sound -

    • Plus there's the whole loss-of-anonymity

      But isn't that a necessity? If you can send messages while remaining completely anonymous, cheaply, and expect them to be seen, then you can send spam. I can't see any way around that. All the proposed solutions I've seen have involved breaking one of those parts: either the anonymity directly (e.g. authentication), the cheapness (e.g. charging, which breaks the anonymity indirectly), or the expectation of being seen (e.g. challenge/response, which needs a semi-p

  • Any generic word should work the same... (Score:3, Interesting)

    by KarmaPolice ( 212543 ) on Tuesday October 14, 2003 @07:12AM (#7207394) Homepage
    So the basic idea of the article (I guess I'm not a real hardcore /. reader since I bothered to read the article) is that every mail is sent through a common SMTP relay and everyone that wants to e-mail you, must sign up with that company.

    Then you filter all e-mail not sent through that relay...i.e. e-mails not signed by them!

    Here's a cheaper idea: I tell everyone I know to start the subject line with "goat" if they want to e-mail me. Then I filter all e-mail without "goat" as the first word in the subject...
    • Here's a cheaper idea: I tell everyone I know to start the subject line with "goat" if they want to e-mail me. Then I filter all e-mail without "goat" as the first word in the subject...

      Sure, sounds good, but you might want to pick a different word ....

  • Few Flaws (Score:4, Informative)

    by L-s-L69 ( 700599 ) on Tuesday October 14, 2003 @07:12AM (#7207399)
    1. Paying 1c/1p for sending an email may still allow some spam to be profitable. 2. I dont want to pay to send email. I just dont, I like the fact its free to anywhere in the world. 3. Limiting the number of emails sent in a day is going to be very restrictive for companies. 4. There is no way everyone in the world in going to use this system. 5. It sounds too much like a single point of failure for email.

    On a personal note i just stop spam by removing all html mails, if my friends send me junk in html format i explain carefully and with a pointy stick that I dont want html emails.

    • 1 - Exactly. Most spammers would gladly pay 1c per email - these guys are (unfortunately) making lots of cash doing what they're doing, so they can easily afford it. Then all this idea does is make something cheap expensive, and the spammers continue on their merry way.

      • Re:Few Flaws (Score:3, Insightful)

        by Kombat ( 93720 )
        Most spammers would gladly pay 1c per email

        You're wrong. The only reason spam works is because it is free to send. If they send out 5,000,000 emails and get a 0.1% response rate, with a profit of $5 per sale, then they've just earned $25,000. Since it cost them nothing to send those emails, then that is $25,000 of pure profit. Hell, even if they only sold one product through those 5,000,000 emails, then the $5 profit is worth it, because it is more than their cost (which was nothing).

        If the emails c
        • If the emails cost 1 cent to send, then those 5,000,000 spams now cost them $50,000 to send, which obliterates their $25,000 profit, and then some. Suddenly, it's not worth it. And they'll stop doing it.

          Except many spammers now routinely use fake credit card numbers to get the ISP throwaway accounts they use now. OK, $50,000 is a bit much to put on a credit card, but if the price were a bit lower, it wouldn't be much of a problem.

    • Re:Few Flaws (Score:3, Insightful)

      by Kombat ( 93720 )
      I dont want to pay to send email. I just dont

      Then learn to live with spam. The bottom line is, as long as it is free, spam will flourish. That's what it really comes down to. That's what every spam-attacking strategy must work with or against. It has to cost something, and these compromises are all about finding a "something" that is insignificant for normal users sending < 1000 emails a month, but prohibitive when it reaches up into the millions of emails per month.

      If you are unwilling to comprom

      • ... If you are unwilling to compromise on your "zero-cost" requirement, then you will never be rid of spam. It's as simple as that.

        Even if people pay a penny for each email spammers would still pay nothing for sending those millions of mails. The hacked and trojaned Johny Broadband would pay their bills.

      • The bottom line is, as long as it is free, spam will flourish.

        Only if it's free AND anonymous.

        There's two ways to fix it: Either make it non-anonymous, or non-free (at least if the recepient so indicates). Of course a combination is possible (I may want to spend $0.01 on an anonymous email once in a while).

  • If only everybody did something differently... (Score:3, Insightful)

    by winkydink ( 650484 ) * <sv.dude@gmail.com> on Tuesday October 14, 2003 @07:19AM (#7207436) Homepage Journal
    ...this is a recurring theme in the "how to solve the spam problem".

    You will not change every person's behavior. Especially if it changes from doing something for free to paying to do the same thing.

    The spam problem will only be solved by changing the underlying technology that is invisible to end users.

    That way, you only have to change the behavior of every postmaster. :)

  • What's the benefit? (Score:3, Insightful)

    by moehoward ( 668736 ) on Tuesday October 14, 2003 @07:22AM (#7207453)
    It costs me less than a penny a piece to deal with an individual spam. Hit delete, turn on my filter, etc. Is it really such a nuisance that we have to waste billions of dollars to "solve" it?

    This seems to be an ISP solution, not a user-oriented solution. A user-oriented solution would be authentication based. Why not put a system in place to check the validity of the "real" sender and be done with it? What does the penny solution have over this? Both require all SMTP servers to be upgraded.

    It is easy to see that there are SOME spammers who would pay. Just like with telemarketing. It costs them. We would just end up with the problem all over again.

    No thanks. I already pay for ISP service. Next, they'll want to charge Web hosts for every page they serve up in order to stop pop-up ads. Sounds like a vast left-wing conspiracy! We'll TAX the problem out of existance! Never works.

    • It's a matter of degree (Score:3, Insightful)

      by gidds ( 56397 )
      It costs me less than a penny a piece to deal with an individual spam.

      Okay, that works for you, fine. But I'm guessing you don't get very much spam. Imagine if you got over a thousand spam messages a day (as someone I know has been doing). That's an average of one every 86 seconds. Wouldn't you find it more of a nuisance then? Wouldn't you be considering drastic measures, or even payment, to avoid that?

      I'm not saying that this proposed solution is a good one; I don't think that it is. But please d

      • I get several hundred per day. The ones that get through the spam filter (like 15) are easily selected all together in the swipe of a mouse and then deleted. I empty the junk folder once a day. I'd say that it consumes 5 seconds of my day plus about .001% of my total bandwidth. Darn. It's such a nuisance. I don't pay for my spam filter separately, it's built into my email program.

        If the ISPs don't like it, they can start banning these jerks instead of colluding with them by selling them services. Don't dra

  • What's so hard about authentication (Score:3, Interesting)

    by tbase ( 666607 ) on Tuesday October 14, 2003 @07:22AM (#7207455)
    Wasn't the post office supposed to start a service to give people some sort of certificate to authenticate people in the virtual world? It seems to me the only viable solution (and a simple one at that) is some form of authentication. Even if certificates are too much hassle, why is it so hard to change the protocol to verify IP addresses before allowing mail in or out? If you couldn't spoof IP's in e-mail, then you could reliably blacklist spam-friendly ISP's and easily track down who sent the spam.

    Take it a step further, and tie IP addresses to an organization or individual. Then if you never wanted another e-mail from ZD Net, you could block the organization and it wouldn't allow any mail from any of their IP addresses.
    • I was thinking about this problem this week. When I first heard about the US postal service offering email I thought it was a total waste since the private sector provides this service for nearly free. Now I'm much more interested in some manner of official email, even if it means some added beauracracy. I still hope the private sector can straighten out this mess, but I've been hoping that for years. (for what it is worth, my company even made an effort to build a spam fighting solution that didn't wor

  • Mebbe learn to write a bayesian filter? (Score:4, Interesting)

    by Nuclear Elephant ( 700938 ) on Tuesday October 14, 2003 @07:24AM (#7207470) Homepage
    Tim fails to understand that he's still getting spam only for the reason that his Bayesian filter sucks. Most other Bayesian-style filters (and friends) are up to a 99.9% filter rate and working towards five-nines efficiency. Their learning potential continues to improve as well with new concepts such as inoculation. It's no longer a question of "can we filter spam" it's a question of "how do we stop that one in a thousand spams that get through"...and that's soon going to be one-in-ten thousand. The problem is that only a small number of people have actually done any research in this area and tried Bayesian-style filtering. If they did, they would realize it worked ... very effectively. There are also server-side tools that make it easy for the 95% of non-tech people on the Internet. Bottom line, Tim needs to quit his bichin and go rewrite his spam filter - or install someone else's.
    • Perhaps Tim needs to re-write his filter, but I think that Bayesian filters are not the solution to the problem. They are the solution to a symptom of the problem. Hiding spam email under the rug is not going to reduce the overhead incurred in transferring around junk. Those emails do not magically appear in your inbox. This solution of his is flawed in many ways, but it does what filtering doesn't: it attacks the root of the problem, instead of playing defensive hot potato.
    • The problem with Bayesian filters is that, if they are used enough, they will drive spammers to make their spam look less spammy, and then getting those extra 9s of efficiency without getting a bad false-positive rate gets harder.
    • Keep in mind that 99.9% success on identifying spam is meaningless on its own.

      When you talk about succes in spam filtering, you need to talk about several statistics: 1) false positive rate 2) false negative rate 3) both initial and limit values for the above 4) function for rate of change.

      That is, you have two (somewhat independant parameters) and they are going to start at a "less acceptable" rate (e.g. perhaps 5-10% false negative and 1-2% false positive) and there will be some function that describes
    • Bayesian filters are the current hot technology on spam-fighting.

      They are at the moment effective against most spam out there.

      However, I still see stuff get through. I'm even starting to see spam get through at my work, where spam has to evade both spamassassin's (run on the mailservers) and mozilla's (run on my desktop) filters. (And yes, I tell mozilla to mark as spam everything that spamassassin flags, after manually reviewing the subject lines) Single word Bayesian filters are now being evaded by t
    • I'd love to know what I'm doing wrong with my Bayesian filters.

      Running Moz1.4. It's collecting from two accounts, one of which can easily hit 70 spam a day so it gets plenty of information to work from. I've got a bunch of keyword matches to catch anyone mentioning viagra, webcams and so on. _All_ misses are getting marked and deleted, all false positives are getting unmarked and dealt with as necessary.

      To top it off, I've never been very good at remembering to empty trashcans so I trained it on that too
      • Spam changes a *lot*, often to get around bayesean filters, plus the filters vary in effectiveness. For example at work SA catches ~2000 spams a day. With SA 2.55 I had a cron job wiping the bayes database once a week because after that it started to give a lot of false negatives. 2.60 seems to have cured that one (although there's one spammer who seems to score BAYES_00 every time, and I'm damned if I can work out a rule to stop him because he's using servers all over the place, and there's only about a
        • Bounces - er, yes, I'd more want to bounce cases of people who are sending from legit addresses but just _will_ _not_ unsub me from their lists, which I get a reasonable amount of. The pure spam that's coming through forged addresses is certainly a waste of time to bounce.

  • Screw payment options (Score:3, Interesting)

    by clambake ( 37702 ) on Tuesday October 14, 2003 @07:24AM (#7207471) Homepage
    The problem with solutions like this is that it involves money, and thus, is subject to corruption. Spammers would eventually be givien discounts (look at your paper junk mail folks) so that the regulatory company can make an extra buck.

    However, there is another solution that would work just as well.

    Every email that is to be accepted by an SMTP server must include a digital signature of some root SMTP-signing servers of some kind, otherwise it's automatically rejected. This server will only allow, say, 10,000 signatures per IP address (or per registered user, whatever) per day, maximum. Additionally, it will only sign one message per second per IP addresss, no faster.

    There are many variations on this, all of which would work great. For example, have the rate of signing be inversely proportional to the number of messages sent that day. Maybe also have "registered users", meaning people who have an actual credit card number or bank account linked to their name and will be charged $1,000,000 per message after 10,000 have been sent in a day (Sure, there will be spammers using fradulent cards, but in that case spamming has become a real, high-stakes felony).

    The point is, as long as you have a few central authorities, just like DNS, where we can go to validate email, then we'll end spam.

  • It just looks like a variation of the old pay to send idea to me.

    So why'd you bother posting it? Too much free time?

    Daniel

  • Email Classification (Score:2, Insightful)

    by TheSpoom ( 715771 )
    Here's an idea. Instead of blacklisting domains that spammers use (because we all know that they have effectively an infinite supply) or going to extreme lengths such as paying for each email sent, why don't we make it so that emails may be classified based on the volume of mail they send, and such classification be mandatory? Hence, we could block certain accounts that were sending, say, more than 10,000 emails per day. If, for example, there were a digital certificate in each email that added one to a

  • Another option... (Score:2, Interesting)

    by r1ch ( 166865 )
    Another interesting option would be to use deposits rather than payments - you'd lose your deposit if the mail was unsolicited. That way sending mail is free unless it shouldn't have been sent, and if the deposit was of a big enough size spamming would no longer be profitable. I started a discussion about this a few days ago here [fogcreek.com]
  • The problem with all these spam preventing ideas is that they don't get to the root of the problem; the spammers. I have a foolproof solution.

    Capital punishment.

    Simply kill the spammers. Send spam? Instant death. No jury. No judge. Maybe the spammers can be the first to appreciate the benefits of "Real Cheap Life Insurance" when they're frying on the electric chair.

    Don't moderate me funny. I'm not joking.
    • monitor spam. report to ISP. if they ignore your complaint, blacklist them. if they continue to ignore you, blacklist their whole IP block.
      go after the people whose products they're advertising. with a big stick.

  • oh great, junk mail, here we come! (Score:3, Insightful)

    by martin-boundary ( 547041 ) on Tuesday October 14, 2003 @07:34AM (#7207535)
    I really don't see what possible benefit a paying scheme could have for email.

    If I get this right, the idea is to lose the one clear advantage email has over regular mail, namely no cost (let's ignore actual ISP costs, those are together paid by the sum total of all internet subscribers in the world).

    By artificially making each email cost something, the economics of the email system become identical to the economics of postal email, except it's faster. That's the idea, unless I'm missing something.

    Now in the real world, we already have an example of a system with such economic properties, namely the postal system. Unfortunately, in the real world, we also have an example of the way spammers have adapted to that economic system. It's called junk mail, and I get tons of it in the physical mailbox.

    So maybe the companies pay for their junk mail to be delivered to my physical mailbox. Guess what? I still don't want it. But they paid for it, so I guess it'ts allright....not.

    Thanks but no thanks. I'll take my chances with a personal junk filter.

    p.s. I accept that ISPs have a huge problem, but this way is only going to legitimize spammers who are willing to pay.

    • By artificially making each email cost something, the economics of the email system become identical to the economics of postal email, except it's faster. That's the idea, unless I'm missing something.

      Again: The sender is only billed $0.01 if the receipient so chooses.
  • If they ever got off the ground, they'd be shut down in short order due to the trouble they would be in for being a spam-cannon.
  • The problem with this idea is:

    1. Micropayments still suck [openp2p.com].

    2. Why the hell should I trust this company, particularly when Verisign buy all successful competitors - as they did for digital certificates?

    3. Most importantly: there is no natural reason for the cost.

    Now, if there was an easy way to pay me one penny to receive each email, with free channels set up on a case-by-case basis ... that would work wonderfully. All we need then is a workable mechanism for single-penny transactions to be workable for a

  • Mailing lists (Score:2, Insightful)

    by thorrbjorn ( 321412 )
    "That means that some formerly-free list subscriptions are now going to cost you a penny a message. Deal with it; it's the price of killing spam."

    I'm on quite a few mailing lists, due to my wide range of interests. I can receive 400-600 messages a day from these lists. So I should spend $4-$6 a day to fight spam, eh? The largest estimate of the cost to ISPs for dealing with spam has me paying about $8 a month.

    Its a nice idea, but it just won't fly. Try again.

    This [habeas.com] sounds like it might actually work.
  • Its human nature why should I pay you for something that is already free. Unless there was a massive simaltenous move then its just not going to work

    Rus
  • It's not that hard to take down a spammer who causes you problems beyond just sending you unwanted email... I had one friend who had a spammer run a couple hundred thousand emails thru his system (a bug had made it into an open relay). It took one stern call to the ISP hosting the advertised websites to get his hosting and DNS cut off at the knees.

    This is more than just sending off a single email to a scantly watched abuse email.. This means getting hold of a real person and explaining, realistisay, what

    • >to get his hosting and DNS cut off at the knees. Yeah right, for all of half a day while he sets up a new one. >This means getting hold of a real person... >If more people would do this... Unfortunately, these two statements are contradictory. Most people can't be bothered. Hey I'm not knocking you, just being realistic. It was great what your friend did, but it sounds like he must have been fairly computer savvy to sort it out. Most people aren't, and wouldn't know what to do about spam if i
    • (Sorry, repost with better formatting, must remember to actually *look* at the preview next time)...

      >to get his hosting and DNS cut off at the knees.
      Yeah right, for all of half a day while he sets up a new one.

      >This means getting hold of a real person...
      >If more people would do this...
      Unfortunately, these two statements are contradictory. Most people can't be bothered.

      Hey I'm not knocking you, just being realistic. It was great what your friend did, but it sounds like he must have been fairly co
  • When you send snail mail there is some actual, legitimate cost involved in transporting the letter for A to B. But email can be zapped to any net.connected machine pretty much instantly and for a vanishingly small cost. Layering on some expensive infrastructure will never work, for exactly the same reason that charging big bucks for easily reproducible media won't: everyone will use a cheaper way, and the expensive way will be ignored.

    In the article Tim Bray says the problem with the current email system i
    • Fake costs work for eg. the telephone network (network maintenence is fairly fixed-cost so charging by the minute is pretty bogus.. half the traffic goes over IP anyway)... it's all about market forces in the end - if you can convince people that paying is 'better' they'll pay (you can bet MS will try something like that soon).

  • downside (Score:3, Interesting)

    by Ubi_NL ( 313657 ) <joris.benschop@NOspam.gmail.com> on Tuesday October 14, 2003 @07:49AM (#7207629) Journal
    With the recent connection of Sobig to a spam network, what if:
    * Grandma has a box that got hax0red
    * box is used to send 100.000 emails

    Who is going to pay?
    * Grandma?
    * OS manufacturer for making lousy OS
    * Spamming company

    I'd prefer the latter but it required having to trace the company through complicated follow-the-money-go-overseas-FBI-CIA type of actions. So in reality they'll make grandma pay

    No thanks

    • With the recent connection of Sobig to a spam network, what if:

      * Grandma has a box that got hax0red
      * box is used to send 100.000 emails

      Who is going to pay?
      * Grandma?
      * OS manufacturer for making lousy OS
      * Spamming company

      Tim Bray is proposing people would prepay say, $10, ahead of time. At 1 cent per email, the relay would cut off after 1000 emails.

      So, yeah, Grandma would lose $10, but that's a good thing; it'll teach her to switch to Linux :-).

      Right now, hacked systems just keep sending and send

      • When the infection rate of SoBig-style spamming worms is into the millions, having a limit of 1000 emails isn't much of an impediment to a spammer. There is a limitless supply of clueless users who can be fooled into running them.

        If you try to force Grandma into paying the $10, she will just get the AARP to lobby for a law that protects people from paying in cases of "fraud". (For a template, see the rules on credit card purchases.) The ISPs will raise the rates from 1 cent to 2 or 3 or 4 cents to cover th
    • With the recent connection of Sobig to a spam network, what if:
      * Grandma has a box that got hax0red
      * box is used to send 100.000 emails

      Again: If the sender only pays $0.01 when the recepient indicates they should, $1 will probably last people a year, so there's no point ever having more than $5 in your email deposit. If somebody hacks into Grandma's box, they can send 500 emails, or $5 worth of emails. Hardly seems worth it.
    • If this happened, then wouldn't it necessarily make that act a crime, because, there is now a real financial damage? Whereas before, people just theorized that spam costs $X billions, now you can actually calculate it. If you can calculate the damage, you have an legitimate reason to prosecute for fraud.
  • It's just too late now. The REAL problem with spam is that addresses get forged, and e-mail as it stands now is too insecure to be totally fixed. We'd need a new replacement for e-mail and I think that instant messaging could replace e-mail. Instant messaging can be set from the get go (easily) to ask permission before you get on the list. Once your added, you can send mail. If someone pisses you off too much, you yourself can ban em.
  • Using a pay-to-send relay agent is crude, but it doesn't really address all the issues. Who runs the relays, and who decides if the relay is valid, or is a spammer's? Who decides the price of relaying? What about mailing lists?

    I prefer a system of micropostage, in which there is no single postage-issuing authority, but the mail receiver maintains a whitelist of acceptable ones. (If one becomes compromised by spammers, then it gets deleted from the whitelist, a quick anc clean form of RBL.) Microposta
  • (I can't believe the old linked article mentions my ancient Flying Rat project! That failed, and...) A disclaimer: I'm self-interested (obviously) and I think the media have done a poor job covering it, but...

    There are a number of Get Paid To Read email programs which use e-gold for small efficient payments to lots of individuals (*willing* individuals!) all over the world. These explain the huge number of tiny spends at http://stats.e-gold.com and a few of them are quite popular it seems.

    It's not a perfe
  • Don't know if anybody's mentioned this, but I came across this from Road Runner's [rr.com] site after they blocked a bunch of ISPs (filtering gone awry, I'm afraid, and corrected now).

    http://www.bondedsender.com/ [bondedsender.com]

    Essentially a whitelist of senders, rather than a blacklist. There's been lots of whitelist talk, but I don't think anyone's taking it seriously because it would be difficult to get everyone to fall into line with this concept. Imagine how much mail your clients -wouldn't- get if it was to be implement

    • bonded sender is talking about $1000 per server... There is *no way* I can afford that kind of money to run my mailserver (the hardware didn't even cost one tenth of that). We have three at work here - that would cost us $3000 for zero benefit (yeah, I can really see that one get past the bean counters).

      If it was $20 it might be worth it. At $1000 maybe big ISPs might bother (but they're the source of most of the spam anyway... I get shedloads from rr.com, btw.).
  • The same mistakes from the war on drugs are being proposed for the war on Spam. Going after the "dealers". As long as there are people who are willing to purchase drugs, there will be someone who is willing to take legal risks to sell them. As long as there are businesses who are willing to pay a spammer, there will be people willing to find ways to evade any laws or costs to send it for these sleezy busunesses.

    Unlike Spammers who try to hide, the business/con artist has to have a means of contact for the
  • We all put up with a certian amount of junkmail, it's a given, we already get it with our daily snailmail, in newspapers and with products we buy.. we do tolerate a certian amount of this stuff.

    I think one of the biggest things we can do is to cut down the number of open relays (this will help) also have a global ban list of ISP's that allow large scale spammers. I have pretty much banned entire contry codes and class A networks because all that comes out of them is spam. But also all the ISP (in the wor
    • hey, don't do that.

      right now i'm pretty sure one of the reasons i DON'T get any spam(to any measurable degree, that means that i get maybe 3 'spam'category mails per month that i actually had somehow managed to subscribe) is that my mail address(that's on clear text on my homepage, linked from my sig, with all kinds of crawlers coming through it) has ".adsl." in it.

      eh.. so, i guess my point is that dialup and dsl' lines that change their ip addresses should be banned(but not perm. ip).
  • a "pay to send, get paid to receive" model. Think of it this way: you get a particular quota of outgoing and incoming email bandwidth per month. For each email you send, you pay $0.001 per recipient copy. For each you receive, you receive $0.001. For non-commercial users, the cost would cancel out. For commercial users, it would be part of the cost of doing business, and would still be cheaper than direct mail (1/370th the cost to send, and no paper, envelope costs, and far less labor). The only people it w
  • ISPs should charge each other for transporting
    email. AOL provides Earthlink a service by
    delivering Earthlink customer's emails to the
    recipient using AOL's equipment. So they are
    justified in charging Earthlink for that service.

    Now if traffic flow is balanced, no actual money
    is exchanged. How you affect spammers is when
    traffic flow is imbalanced. An Isp sending more
    email than it receives ends up paying the other
    Isps. Then the spammer who creates the excess
    email will be billed by his Isp, and the Isp
    on t
  • Every time I hear someone suggest a pay-to-send strategy for email, I cringe. As the owner of a small business that operates primarily online and generates a fair amount of LEGITIMATE email to people who've SIGNED UP with me, this would be a crushing blow. I would shut my sites down and look for a job with The Man. And when I think of that, I cringe again.

    Here are my thoughts:
    1) If you're willing to pay a penny a message to send, wouldn't you be willing to pay a little for filtering that kept your spam lev
  • Estimates are now that 70% of all traffic is spam. As another poster mentioned, ISPs, especially the top-level backbone providers are stuck with a conflict-of-interest, as they profit on the sale of bandwidth, and therefore are not motivated to contain the overwhelming amount of unwanted noise clogging the Internet.

    Imagine if you picked up your telephone and 70 percent of the time it was already in use?

    Imagine if 70% of the time on the DVD you just purchased was filled with commercials?

    Imagine if you had
  • If you charge actual money to use email, the Unwashed Masses will stop using email, which may or may not be a good thing. You will also require a huge bureaucracy to administer the system, which will cost more than the original "postage", so the system will sink under its own weight.

    Now, what might work is to criminalize the use of spam as an advertising medium, assign responsibility to the party who profits (that being the party on whose behalf the spam is advertising) and assign half the penalties back

Slashdot Top Deals

Order and simplification are the first steps toward mastery of a subject -- the actual enemy is the unknown. -- Thomas Mann

Close