90% Garbage, and One Solution
A new report says that spam email–already at record levels last summer–has tripled since June, and now accounts for 9 out of every 10 emails sent.
How long will these scum be allowed to operate before everyone out there says “enough!” and does what is necessary to cut them off at the knees? Already they have overrun our email, flooded our blogs, polluted the Internet with filth both illegal and barely legal. Probably a big chunk of what you pay for your Internet service subsidizes these sleazes, who take advantage of the free ride we’re giving them so they can annoy us, harm us, and fleece us.
I am not one for restrictions or regulations on the Internet, so I would suggest as many self-healing techniques as possible, but beyond that, make the rules necessary to stop these rat-bastard parasites from bringing the Internet crashing down.
Almost exactly three years ago, I outlined a new email system that would immediately crush email spammers, and I reiterated the same plan a year and a half ago. A good idea never wears thin, so here it is again.
Call it “Email 2.0.” Start a new protocol for email. It should be open-source, with profits, if there are any, going to fund new projects to stop spammers. No one company or country would be able to hijack the standards nor profit from them–the protocols and technology would be agreed upon by programmers and experts in the open-source project, and kept that way. Makers of email software would be given 6-12 months’ lead time (or whatever is realistically necessary) to incorporate the feature into their email clients and other software.
In this new protocol, everyone would receive $1 credit right off the bat–you wouldn’t even have to pay to start off. Those who would need to buy more credit could use a system that anyone could pay into–credit cards and PayPal would be possible, perhaps, but some other system, like a prepaid card or sending a money order to some location, would also be necessary.
Here’s how it would work: whenever you send an email, it could potentially cost you a penny. But here’s the beauty of it: it only gets debited from your account if your email winds up in someone’s spam folder for more than three days. When that happens, you receive an automatic receipt informing you of the transaction, or whatever other notification system works best.
UPDATE: Oops. I misremembered my own idea. The idea was not to charge senders only after the email was reported as spam by the recipients. The idea was to automatically charge every email one penny and then forgive the charge once it was accepted by the user. This itself would cause problems, I’m sure–if your account were taken over by a spammer somehow, for example–but as I mentioned in the comments, a standard setting could be not to allow more than x numbers of messages to be sent within a certain time period. Again, stuff that could be worked out by smarter people. I know this whole system raises problems, and maybe it is unworkable–but I do have faith in the idea that some system would be workable, and we need to find that and implement it.
Most people would take years to eat up a dollar at that rate–have you sent 100 emails that wound up in people’s spam folders in your lifetime? Maybe most people would never lose the original dollar.
But spammers would run out of money in the first few minutes of operation. Today, they depend on free email to send millions of spam out every day. But at a penny a pop, a million spam would suddenly become $10,000, and no spammer could afford to operate at the levels they now operate at. In November this year alone, 7 billion spam emails were sent; that would come to $70 million per month to the spammers. No way they could keep that up.
This system would not stop junk mail–after all, businesses still pay postage for snail mail advertisements. You’d still get spam–but you’d get a hell of a lot less of it, and that’s the whole idea. Spam would no longer threaten to cripple our email systems.
The money paid for these spam emails could be split between the spam recipients and the open-source project, which would after all need some funding to survive. Even better, the recipient’s portion of the income from spam landing in their inbox could be used to recharge their own accounts in case they lost some pennies from their own email accidentally landing in someone’s spam folder. Beyond that, they could get a PayPal credit which could then be used for online shopping. What spam remained after this technological culling would actually begin to spur legitimate online shopping. And anyone who tries to nickel-and-dime their friends by collecting the spam penny off of legitimate email would probably not get sent any more email, not to mention they would not have their friends for long.
Because the system is, to a degree, exclusive, as well as self-correcting, spammers could not take refuge in spam-friendly countries or international waters. However, checks for fraud would need to be pretty good so that spammers couldn’t hack in and create fake accounts full of credit. But we’re able to do that with real money (PayPal manages, not to mention credit card companies), so hopefully that would not be a roadblock.
Perhaps a greater problem would be the spammer’s propensity for hacking into victims’ computers and using them as proxies to send massive numbers of emails each–but hopefully protections of this sort could also be averted by beefing up email security, like adding a feature that would require user intervention to send email to more than three people within a span of ten minutes, say.
I truly believe that such a system is possible, workable, and should be done. It just requires enough people getting fed up enough to make the effort. Frankly, I am pretty surprised no one has tried to get such a movement going by now.
Sorry, Luis, but this wouldn’t work for a variety of reasons.
First of all, it’s a logistical nightmare. You’re talking about monitoring and tracking e-mail habits worldwide and relying on software to do the job properly. The latter is definitely not something I’d put my credit card or PayPal account on the line for. You know how buggy and inaccurate software can be.
You can’t get every country to comply nor every user to cooperate. That’d mean that servers in countries which weren’t in the system would be havens for spammers. You say the system is “self-correcting” but I don’t see how that can be unless people who are a part of the system categorically reject any mail not originating from within the system (which I wouldn’t do nor do I think others would). You can’t stop someone from sending you e-mail even if you are a part of the system you mention and a spammer can’t be charged unless he’s a part of the system you outline. You can’t get blood from a stone.
You also mention that the ability to hack into other users accounts and send e-mail from their accounts could be “beefed up” to prevent this but I think any system designed to make spammers pay by the message would only improve their skills in this regard. It’s the same as software piracy measures. If you put in roadblocks, the pirates get better at defeating them. Spammers would have an even greater incentive to do better and I have no doubt they’d learn myriad ways around it.
Which leads to the next problem which is how a user who has been wrongfully charged as a spammer seeks to prove his case. Would you like to be charged thousands of dollars for e-mail you didn’t send and be put in the position of proving you didn’t? I sure wouldn’t.
Additionally, if you rely on users to set up and maintain spam filters to make the system work, you’ve lost half the battle right there. A great many home users don’t use spam filters. They just delete the messages because it’s easier and faster than configuring software.
Users who don’t have credit cards or PayPal accounts (and who are already intimidated by technology) would be at a huge disadvantage. Some old granny who can barely use her e-mail isn’t going to understand the complexity of the system nor is she likely to surrender her bank account information just so she can send messages to her grandkids.
What’s more, there is great potential for petty and vindictive abuse. If your coworker pisses you off, you could set up his e-mail system to spam people overnight using automation (send the same message every 5 seconds) and get that person charged. People would certainly abuse this for petty personal reasons.
This would also require the user’s software to report on spam, wouldn’t it? Isn’t that sort of reporting exactly the kind of thing that could be easily tampered with to make someone look worse than they are? It’d take no time at all for hackers to write a malicious script to allow you to report that someone you hate sent you 500 spam messages this week.
Finally, it would mess up a lot of current business models which offer free e-mail addresses and accounts. You’d essentially kill them off because you wouldn’t want these accounts to be havens for spammers who set up an account and get their first dollar of credit then spam the hell out of everyone and refuse to pay the bill. At that point, he’d move on to a new account.
Spam may be annoying but the solution you offer would be far worse than the spam problem unless it worked perfectly and was abuse-free and we both know that wouldn’t be the case.
Luis, I don’t really believe that the system you describe could be implemented without a major advance in programming. The ability to cause someone a problem by making them appear to be a spammer (by copying their message and putting it multiple times in your spam folder, or even using existing header forging scripts to send out email appearing to be from that person) would be to easy to abuse.
A simpler, more workable solution was mentioned in a novel written in 1999, Earthweb by Marc Steigler. The book itself is okay, but some of the technologies mentioned in the background are fascinating. One of which is their method of dealing with spam. Each person has an “approved senders” list who may send them email. Anyone else who sends them email is sent a message that basically states “in order for _______ to read your email, you must pay them ___”, with a price set by the individual. Otherwise the message is automatically rejected. I believe that an expansion of the already existing return receipt system, along with an expansion of already existing online payments could make such a system workable in a much shorter time with a fewer problems.
Shari:You’re talking about monitoring and tracking e-mail habits worldwide and relying on software to do the job properly.OK, I think I know what you’re talking about–trusting each user’s email program to reliably count the incoming email and reliably report it as spam or not. This would require protected mail servers to keep track of email that was sent, and to receive reports from email software that the received email was spam or not spam, then keep track of debits and credits. I’m not enough of an expert to know how much of a challenge this would be, but you’re right in that there could be a problem there–but I wouldn’t necessarily rule it out.You can’t get every country to comply nor every user to cooperate. That’d mean that servers in countries which weren’t in the system would be havens for spammers. You wouldn’t need to. This system would exist side-by-side with existing email services, it would not replace it. Nobody would be forced to join, it would be more of a safe haven. I imagine that the main servers doing the routing and counting would be located in a few “safe” countries.You can’t stop someone from sending you e-mail even if you are a part of the system you mention and a spammer can’t be charged unless he’s a part of the system you outline. You can’t get blood from a stone.Again, this would be a completely separate protocol from today’s POP3 or other email systems. It would not be compatible with them. It would be easy to stop existing email systems from interacting with it. Nor could people without accounts use the system. It would be like trying to access paid content without the right username and password; such systems are commonly used today in other contexts. Is spammers don’t pay to keep their account charged, their user names and passwords wouldn’t work.You also mention that the ability to hack into other users accounts and send e-mail from their accounts could be “beefed up” to prevent this but I think any system designed to make spammers pay by the message would only improve their skills in this regard.Certain protections could be built in. For example, a standard setting could be for a user account to shut down outgoing email pending action if more than ten charges were to be incurred within a certain time period (similar to how some credit card users are protected from fraud and theft). This would require me to change the “three days in the spam folder” idea to a more immediate charge-receipt system, but it could be done. Such fail-safes could make it unprofitable for spammers to hack into accounts.Additionally, if you rely on users to set up and maintain spam filters to make the system work, you’ve lost half the battle right there.That’s not a problem; as I mentioned, this is an exclusive system, simply mandate the use of a spam filter. Such filters don’t really require setup, although some mail programs have a setup routine.Users who don’t have credit cards or PayPal accounts (and who are already intimidated by technology) would be at a huge disadvantage.Like I said, it could be done using a prepaid card, which would be simple enough.What’s more, there is great potential for petty and vindictive abuse. If your coworker pisses you off, you could set up his e-mail system to spam people overnight using automation…The aforementioned charge-limit filter would stop this.It’d take no time at all for hackers to write a malicious script to allow you to report that someone you hate sent you 500 spam messages this week. No, because the report from your software would have to match mail server records, which would be unreachable to that person.Finally, it would mess up a lot of current business models which offer free e-mail addresses and accounts. You’d essentially kill them off…Again, it would not replace existing systems, it would be a separate system.
I am sure that an email expert could knock a lot bigger holes in this system, but I am almost as sure that they could be overcome and an airtight system (or, airtight enough) could be devised.
Elaine: As I mentioned with Shari, any one user’s reports of spam would have to match mail server records, so it would not be so easy to hack.
I like the idea you mention, but it seems to me that to implement it, a lot of similar problems would arise. You’d need to subscribe to a system, set up accounts, protect against hacking and so forth. But it does sound simpler.
Oops–I just realized I made a big mistake in my entry. Please see the update I added.
Well, I can’t say that I’d go for any system which would charge users even as little as a penny per message nor would I subject those I correspond with to such charges. I think it is just too complicated and error-prone for the small compensation of not having to bounce my own spam. I just use Mailwasher Pro to blacklist and bounce or delete directly from the server. It takes about 2-5 seconds per day.
The biggest losers in the spam situation are businesses who lose money when employees have to wade through spam to get to honest content. The problem is those are also the very people who would never implement a system that charges people for sending messages because it’d either have them paying to send out their own messages or charging customers.
I think the reason such a system will never be implemented is that there is no profit in a system the vast majority of users aren’t going to be willing to embrace.
However, I do have a question. If you have such confidence in such a system, why haven’t you looked into it yourself? A great idea starts with one person who believes in it strongly and takes steps to make it work. You have friends and family who have programming skills and you know a bit about technology yourself.
Shari: I think we all lose in general; after all, if 200 organizations out of the millions of individuals and organizations on the web are accounting for 90% of the traffic, and those 200 are not paying any more than the rest of us, then they are consuming far more than their share, and their activity works not to the benefit or neutral balance, but to the detriment of everyone else online. As if 90% of the traffic on the road were those giant, slow-moving vehicles that we see here in Japan with huge ads on all sides, which drive around only to advertise while blaring out their slogans on loudspeakers. If 90% of the traffic were taken up by those eyesores, and 90% of road damage and other costs were incurred by them while everyone else had to pay 99% of the taxes and so forth to make up for that… you get the idea.
Furthermore, email servers are starting to get overloaded with this crap, and a large portion of the Internet infrastructure is now dedicated to handling it–and it is growing at such an alarming rate that very soon, we’re going to start seeing the system reel and buckle under the weight of all of it. So it’s not just a matter of filtering and ignoring and seeing others deal with the worst of it–it costs all of us, and will begin to affect our Internet experience more and more as time goes on.
But I guess we’re going to have to wait for people to be even more inconvenienced before positive action is taken…
As for no one profiting, well, there are many open-source projects like the Mozilla project without the lure of profits to move them forward. The Internet is maybe the greatest arena today for groups putting work into providing service for others based primarily upon the idea that they are making something cool that they enjoy as well. Tackling the spam problem just seems like a natural in this regard.
As for my starting such a movement, I would not even know where to begin. I have no programming skills and don’t know how to set up such a project, so without a big financial outlay to start hiring people who do, I would be relegated to emailing people and saying, “hey, why don’t you…?” I only know one person with programming skills, and I don’t think he has time for such a tproject. I think that the person who gets the ball rolling either has to be financed or at least must be someone who has technical abilities in the area and can gather others of the same crowd to start working on the issue. Believe me, if I thought that I could get the ball rolling on such a thing, I would probably jump at it. So for the time being, I am doing what I know: suggesting that it should be done and forwarding an idea.