Half a croissant, on a plate, with a sign in front of it saying '50c'
h a l f b a k e r y
Is it soup yet?

idea: add, search, annotate, link, view, overview, recent, by name, random

meta: news, help, about, links, report a problem

account: browse anonymously, or get an account and write.

user:
pass:
register,


                                                       

Anti-spam 'stamps'

Go back to the future, by sticking 'stamps' on your mail
  (+11, -4)
(+11, -4)
  [vote for,
against]

A quick search for spam in the bakery suggests this has been a major area of attention over the years, but I couldn't find this idea anywhere (although [FloridaManatee] and others were definitely going in the same direction ... links).

So ...

Spam thrives because free email makes it economically attractive to, well, spam everyone - even if only a tiny percentage are stupid enough to respond

The one most obviously effective way of stopping spam is simply to increase the cost of email so spam schemes are not attractive anymore. But ... how do you do that without increasing the cost for everyone else?? (Presuming you don't want to become EXTREMELY unpopular)

Idea: Create a micropayment system which allows very low value 'stamps' to be attached to outgoing emails, and allows incoming mailservers to be set up to auto-reject or treat as junk any mails that do not have sufficient value attached

Emailers purchase (using PayPal, credit card, or other mechanism) a once-off, small amount of outgoing email credit (say $1 or so)

Recipients set the 'minimum incoming value' in their email client ... defaulting to maybe $0.001, or even less. (You could of course set it higher, but even normal people might stop mailing you - which might be what you were aiming for!)

Outgoing email is set up so that each mail you send now goes out with a standard minimum value attached (again, say $0.001). If the address you are trying to reach requires more than you have attached, you get a message delivery error response, stating the amount required to deliver that message.

At $0.001 per message, that gives you 1000 emails for your $1 investment. But - it's actually much better than that, because the stamps are like tiny bearer-bonds ... once you receive one on an incoming mail, its value now belongs to you. You can re-use 100% of the value that comes into you - so as long as you don't send many more emails than you receive, you keep going indefinitely. So ... total cost to be significantly freer of spam = $1.

The spammer, however, IS seriously inconvenienced. Sending millions of mails is now costing them thousands of dollars per shot - but they are not getting anything like that number of messages back again, so they have to keep buying more credits. What was an attractive business model is now much less so.

One big issue would be that this system increases the incentive for hackers to try to send their spam using your credits, or to get millions of computers to start sending them thousands of emails each.

This risk can probably be managed via a few precautions initially; others will evolve over time as these things do ...

a) stamps have no redeemable or other commercial value, so the only possible reason to collect lots of them is to send lots of emails. Spammers might want to get good at this, but it would still make it more difficult for them than it is being able to send spam for free now

b) the system should require a quick login to the micropayment validation server prior to authorising any mail sending. This would (probably) be a pain if you needed to do it for every email you send, so you would rather login once when you open your mail client, and logout when you close it. Additionally, it could force a login every X messages (you set the interval), or if mailout patterns indicate likely foul play, etc

I'm sure that there are a lot of other potential issues - what are the killers??

kindachewy, Jul 04 2009

Similar HB idea with physical junkmail ... Junkmail_20Stamps
[kindachewy, Jul 04 2009]

Same kind of thing but ... Certificates
The thing about money is it's much less easy to fake it. And stamps are a simple, easy, common idea that everyone gets while digitally signing stuff isn't [kindachewy, Jul 04 2009]

Money-based, but ... too much Deposit_20mail
$1 people might do. $150+ ... I don't think so. Also, issues with false reporting, malicious blocking, etc [kindachewy, Jul 04 2009]

Spam-onomics article http://www.theregis..._economics_of_spam/
Suggests spam can CURRENTLY be lucrative at 50 responses per million ... even as low as 1 per million [kindachewy, Jul 06 2009]

Tim Bray summarises a discussion at the first Foo Camp http://www.tbray.or.../16/Internet-Stamps
[jutta, Jul 06 2009]

[link]






       I kinda like it. My guess is that similar schemes have been mooted before (certainly, the idea of a very-small-charge per email has been mooted here and elsewhere). I daresay it has flaws which others of a more technical persuasion will point out.   

       Personally, I think spamming should be an imprisonable offence. (Perhaps it already is; they need to imprison more offenders.)
MaxwellBuchanan, Jul 04 2009
  

       I half-baked an idea a couple years ago whereby each entity on the 'net (IP addy owner) set posted rates (dynamically daily) at a central location how much they charge for ingoing and outgoing packets and what their cutoff point is (what the maximum they will pay). Sadly I can't remember the part which makes it sound non-nuts, but it has anti-spam properties.   

       I'll have to [-] this one because of the negative effect on valid mailing-lists operators. [edit] (I actually meant bulk-mailers, but certainly mail-lists would get hit too)
FlyingToaster, Jul 05 2009
  

       I actually think mailing-lists are stupid: NNTP is *much* more efficient for that kind of thing: it's what it was designed for.   

       But people don't know any better, so they buy mailing-list proggies and clog up the 'net and people's Inboxes with almost indecipherable messagess.   

       But I digress; still [-] because there are *valid* bulk mailers who would be penalized.
FlyingToaster, Jul 05 2009
  

       Tried to update the idea for [FT] et al on bulk mailers ... but it's then too long (oops!)   

       ------- Legitimate bulk emailers (or lists) purchase a one-off wholesale licence, a bit like in the Deposit Mail linked idea, for e.g. $500. Their mails come with a special stamp which identifies it as being from a legitimate and registered bulk email provider. Your mail client creates an automatic list of all bulk mail providers you have received mail from, allowing you to easily identify which ones you do or do not wish to receive: these you can block and/or auto-unsubscribe.   

       Bulk mailers receive notification of which addresses have blocked or unsubscribed (so they have better knowledge/control of the quality of their database). Egregious bad practice (such as continuing to send stuff following unsubscribe, or using multiple different registrations to try to sneak around this with the same content) will result in termination of the licence .. the stamps will no longer work
kindachewy, Jul 05 2009
  

       [wakeup] No - $1 only buys you (e.g.) 1000 mails. Could be much less in practice (e.g. if people set their limits higher).   

       So to send a million messages will cost you $1000+ The premise of the idea is that spammers make little profit relative to the number of addresses they hit ... if you need to send a million emails to get a good chance of making $100, it's still very worthwhile doing that when emails are free, but NOT if its going to cost you $1000 to do it.   

       (in fact, this may undermine [FT]'s concern ... if there is any valid commercial business model in your bulk email business, you can afford to do this ... spam, by its very definition, is stuff that shouldn't really have a valid model because so few people actually want the stuff.   

       I have left in the addition above though, because of non-commercial bulk mail services)   

       Perhaps you're right - it could be more expensive per mail. e.g. minimum purchase of $10 ($1 is too small for a credit card tx anyway, $10 still not a lot for spam freedom) and as much as $0.10 per emai   

       As long as you receive as many (non valid-bulk) messages as you send, you've still got no further cost
kindachewy, Jul 05 2009
  

       [FT} I had an idea back in early 2000s which I called 'first class' internet, which sounds like the bastard child of yours and this one.   

       Idea was that you could create 'priority' bandwidth, like toll lane highways. A second tier of commercial bandwidth providers would put in pipes that could only be accessed by routers which would require a similar micro/nano payment per packet received
kindachewy, Jul 05 2009
  

       Who escrows the money?
What's the profit model for the escrow company? (Presumably the profit model is that money flows in to the system and never back out so an organization could ride the float)
What stops a spammer from issuing stamps to himself for free?
How is the overhead of millions of micropayment transactions flowing back and forth across the Internet - and their associated security risks - better than spam?
phoenix, Jul 05 2009
  

       [phoenix] - the money is not redeemable, so it's not really escrow. It's a service, with the profit model being that you get to keep all the money ... now you just have to run the system effectively, generating and checking valid value licences etc.   

       There is only one issuer (or possibly a very small number of licensed competitors to avoid over-dependence on one entity). The whole system depends on being able to create non-fraudulent points. On the other hand, being tiny micropayments, there isn't a big payday from being able to generate/crack small numbers of them and it will pretty much always cost more to do than the benefit is worth.   

       Wrt overhead ... yes, there is quite a bit. But it's designed to be relatively small per tx, as well as invisible to the end user, so your mailbox stays clean and you don't have to deal with thousands of emails suggesting you might like your penis to be unnecessarily bigger (especially when you're a woman!)
kindachewy, Jul 05 2009
  

       ++++   

       //But I digress; still [-] because there are *valid* bulk mailers who would be penalized.//   

       A very good point. What if you only buy a stamp if you are not in someone's friends or contacts? Once accepted you no longer need to buy stamps to send messages.   

       What can also be arranged is that charitable organisations (or mailing lists that you have signed up on) for example, can purchase a yellow stamp which allows them to send you messages, but when you accept/deny or delete msg, you send the stamp back. There is no incentive to keep stamp as you cant use it and it will clog up your inbox. If you receive spam, you click 'spam' and stamp is deleted. The price of yellow stamps will be much higher than green stamps. When it comes to the green stamps, which we use for adding contacts (the ones spammers will try buy), we must buy a stamp which we give to the recipient of our invite.   

       Minor problems: -price of green stamps can't be too low because 'accept contact' would just become a new for of spam. -initially getting everyone on our programme. -possible cheaper and better solutions to spam. -some charitable organisations that can't afford enough yellow stamps.   

       Advantages -NO SPAM!   

       Opportunities: -Organisations can only buy the yellow stamp and private email addresses can only buy the green. -If we make a site which offers this service, we can offer a sort of phone book of emails (problems being that it will make it even easier for spammers to get their hands on our info and we will have 200 Pamela Anderson's accumulating a lot of green stamps)   

       Spam will be awesome to receive, we will just get a bunch of green stamps!
danman, Jul 05 2009
  

       Initial plan was 'known' correspondents are allowed to send for free (as per [danman])- but seemed easier to just make it one size fits all.   

       The problem of poverty-stricken mailing listers does mean that this is potentially required however. So ... now as a sender you only need stamps for sending to people who haven't accepted you   

       Happy now? (You can take those bones away??)
kindachewy, Jul 05 2009
  

       //only class of sender// - yes. That's who it was desigend to address. Seems to be pretty good agreement that they have been, are and will be a continuing problem.   

       Your point?   

       //WIBNI// - yah, right
kindachewy, Jul 05 2009
  

       //trying to change the SMTP protocol// No. I thought it was in the description, but must have left it out of the posted version ... this is based on a voluntary plugin for mail clients that would sit on top of anything currently existing, entirely independently.   

       Over time, the gods of SMTP might choose to incorporate this. If so, great. If not, also great.   

       Further, the legal route has manifestly failed (so far, and it's had a long time to prove itself). Given the choice between legal systems (generally asinine, let alone different in each country and extremely difficult to apply effectively even within one country, before you worry about cross-border issues) and economic rationality, economic rationality is usually a better bet, any day.   

       Also, the spam filter method is quite a clunky, complex process which tries to work out probabilistically from a big bunch of data whether something is spam based on source mailservers, content patterns, etc etc   

       The simple fact of a probabilistic process is that it may work quite well, but can never be perfect. It gets it wrong - both allowing cleverly disguised spam through, and (worse) stopping valid mails.   

       And ... as for [phoenix]'s point about overhead ...   

       The point of this idea was to adopt a different approach, which goes to the root of the problem and makes most of that redundant via a simpler & more effective model   

       //Advertising is bigger money// - There is nothing wrong with commercially valid advertising. As per your own comment to [FT] there is a cost (not actually that small for most of the ones you cite) associated with other ad campaign media. This serves to filter out totally worthless campaigns which (currently) can be attractive to a spammer simply by increasing the volume of mails sent. You simply don't get the same kind of massively bulk spam via these other channels ... why? because it costs! As a result, valid advertising tends to be (most importantly) much lower in volume, much more professionally authored, and much more likely to be telling you about stuff that may actually be of interest to you   

       If you happen to really detest having to see any advertising by anyone, then a) don't watch TV or movies, read magazines or newspapers, or listen to radio, b) drive with your eyes closed, c) set higher 'incoming mail' thresholds   

       The problems with spam are not that it is advertising, but that:   

       - it 'spams up' your mailbox because of the volume of unwanted mail which makes it difficult to access the stuff you want (OK, so effective filtering greatly reduces this part of the problem, although false negatives and positives still remain)   

       - it 'spams up' internet bandwidth with huge volumes of traffic (Have seen some interesting stats somewhere about what percentage of all mail is spam, but can't remember details now - just that it was horrendously high)   

       - it often contains content that some may find offensive   

       //totally redundant// no. Yes - spam filtering is (relatively) effective ... but, as per comments above. The fact is that spam continues to flourish. The idea is NOT redundant, because ... the problem is still there. because this idea works totally differently. because this idea works better - either alone, or on top of existing methods. because this idea is relatively simple. because this idea is relatively good value for money. ...   

       Note - in the originally posted version this idea is entirely independent of and different from the //"Yeah, I like these emails, they're not junk"// mechanism, because it applied equally to ALL mails.   

       ---   

       BTW why do you assume I 'probably' don't understand advertising? or spam filtering? etc? Seems a bit presumptuous to me ...   

       Sorry if I yanked your chain by labelling you [wakeup] in a lighthearted moment, but your comment indicated you had misread the idea
kindachewy, Jul 06 2009
  

       apologies for wordcount ...
kindachewy, Jul 06 2009
  

       //it applied equally to ALL mails//
which is my problem with it.
  

       I'm on what I consider to be valid lists (ie: I explicitly gave them my addy for that purpose) for a few small companies that may have thousands or even tens of thousands of people on their list.   

       I'm not referring to people that buy&sell lists of course: they should be jailed.
FlyingToaster, Jul 06 2009
  

       [FT] - yes, which was why we've now built in the option for them. Just pointing out to [bs] that the idea is actually rather more than just about identifying which emails aren't junk ...
kindachewy, Jul 06 2009
  

       All comes down to spam-onomics   

       Whether it is about generating sales, or click throughs, or virus/malware infections, or phished information etc ... How much - per mail - does the average spammer make?   

       Because of low costs, spam can be attractive to the spammer at success rates as low as 1 in a million (LINK)   

       So ... the chances are that your spammer will need to send a hell of a lot more than 1000 mails to make the once off $5. And that's if the magic number is $0.001 per mail -> as suggested it could be as high as ~ $0.10 per mail, as long as these stamps are circulating around sufficiently   

       Assume $5 revenue per 1000 mails Assume $0.01 as a more realistic per-mail value. It's going to cost $10 to send those mails. That's not an attractive business model, any more!   

       Effectively the idea is that the additional costs leverage exactly that which we hate about spam (its vast assymetric volumes) to ensure that tiny amounts of money that do NOT inconvenience normal people, DO significantly erode profitability - and may even significantly exceed total revenue for the spammer.   

       As a result a good many spammers will simply stop sending the stuff in the first place.
kindachewy, Jul 06 2009
  

       And the inconvenience to you and I is minimal.   

       Need to login when you access your mail client, or if it seems to be behaving strangely;   

       Need to purchase e.g. $10 worth once off (1000 mails @ $0.01, probably enough for life with circulation of credits)   

       ... err ... that's it.
kindachewy, Jul 06 2009
  

       Micropayment stamps have been proposed for many years; the idea is widely known in the anti-spam community. A more deeply explored form uses -> hashcash in place of actual money.
jutta, Jul 06 2009
  

       hmm... of course there's the exact opposite solution:   

       Have a flag on your e-mail addy meaning "you will be charged 1c to send me an e-mail", personal whitelist excepted or cashbacked of course.   

       Of course that means your SMTP server has to contain your personal whitelist and that e-mail servers have to do verification of sender.
FlyingToaster, Jul 07 2009
  

       I had a similar idea where you pay 1c to send an email, which is refunded when someone clicks Reply. Obviously no-one would reply to spammers so they would be way out of pocket.
simonj, Jul 07 2009
  

       Jutta's link is the best discussion of the concept I have seen - wasn't aware of it, but feel in good company now!   

       //hashcash// (based on computational cycle cost rather than cash) interesting but not much of a profit motive to make it work - also not much use with zombie nets   

       [FT] - how is that the //exact opposite//? Sounds the exact same to me ...   

       [BS]. No - not remotely about legitimising anything. Big glossy attachments will cost them even more, so they're unlikely to do that. (In fact 'hashcash' would be almost the equivalent of forcing *everyone* to attach big glossy things in order to deter spammers ... although it avoids the excess bandwidth issues).   

       Simply (as all the other guys have explained) about making it MORE costly for them than currently so they don't do it. We appear to be missing each other here, so sorry if I'm not communicating effectively ...   

       Nice links. Wrt software adoption ... API can be published as freely available, and email client companies encouraged to build it in. Plugins can be built. Not everyone will have it ... but as it grows, it will have viral impact (responses saying you require stamps will have links for how to get them)   

       Stamp process itself is far easier and less messy than this guy proposes. The email itself is interpreted by the 'stamp' system as a payment instruction ... it already has the 'source', 'target' and 'amount'. If it manages to debit the source effectively it credits the target. It then generates a 'you've been credited' confirmation stamp which is unique, shortlived and once-only and which contains sufficient validation data to only work for that recipient
kindachewy, Jul 07 2009
  

       given that (apparently) lots of spam is from faked e-mail addresses, I gotta wonder why there's no validation between servers.   

       [kc] yeah there's plenty of similarities... when I wake up if I remember I'll try to sort it out. :)
FlyingToaster, Jul 07 2009
  
      
[annotate]
  


 

back: main index

business  computer  culture  fashion  food  halfbakery  home  other  product  public  science  sport  vehicle