In the spirit of the Do Not Call List. Do you think it would work? Probably not, since most spammers don't give a diddly about laws and many are outside of the US. But it would be neato if it did! Neato!

It wouldn't work. One possibility that might work is giving private parties the right to sue, but that didn't make it into the recent anti-spam legislation.

In the long run, I think some new version of email will have to come along that is designed to frustrate spammers.

Yeah, there has to be some sort of sender-pays type thing.

I recently read a proposal that had a small processor cost associated with every e-mail sent. If you were just e-mailing a friend, it's no big deal and you never notice. But if you are spamming, you need a really beefy machine to keep up. It won't put all the spammers out of business, but it makes the bar a little higher to get started.

I still think the best solution is a $0.01 per email tax. Home users wouldn't even notice (how many emails do you send each month? Maybe at the most a few hundred), and emails sent within a corporate intranet would be free (which I would imagine accounts for the vast majority of business email). The only people it would really affect are the spammers, who are sending millions of emails everyday.

Right, now come up with a technically feasible way of collecting small amounts from people all over the world, and a binding way to ensure that this happens.

Who will toll the bell for micropayments now that Wumpus is gone?

Right, now come up with a technically feasible way of collecting small amounts from people all over the world, and a binding way to ensure that this happens.

ISPs can collect it when they send their monthly bill out to customers. I don't see it being much different than per minute charges for long distance or cell phone use.

The spam problem doesn't come from ISPs in the US. It's coming from poorly secured overseas servers and machines compromised by worms or trojans or viruses.

Like every single anti-spam solution proposed in the past, the problem with charging users for spam rests on the idea that everyone in the business sending mail is subject to US law and actually cares. Fly-by-night spammers will setup an account, SPAM away, and then bail out leaving no trace. How does charging money stop that? They're not going to pay their bills anyway!

The protocol has to be such that the machine on the receiving end can figure out (reliably) which mails to ignore. If the receiving machine didn't deliver the mail unless it got $0.01 per, that would frustrate the spammers fairly effectively. As was mentioned, though, the micropayments issue would have to be worked out. It might be easier in this case, though, because it would probably involve server-to-server payments, with each server responsible for prorating the charges.

If mail was only sent and accepted by known entities, it would all end. And that is what yahoo and some others have proposed.

The idea of pennies for emails is ludicrous.
Name the world wide governing body that collects any fees across all borders. And you want them to have to be collected across the 1/2 billion people using the internet? Will that be in euros? Blah blah blah, i could go on for 50 pages on the problems with that idea.

Until you can verify the sender, someone could spoof the sender. The only solution is a new protocol adapted by the big players, leaving everyone out unless they want to play.

And it is time to stop thinking the internet is a right, instead of a privledge. Until Korea and China can get on board, fuck em.

The current can-spam law was passed in a rush for one reason, to nip in the bud the California law that would have done something by letting people sue the living hell out of spammers. Can-spam was passed to allow spam, not to stop it.

Chet

Name the world wide governing body that collects any fees across all borders.

The post office?

Nope, they collect fees from within their regions, for the pay to email scheme to work, they would have to collect fees from outside their region for the individual emails sent.

Chet

they would have to collect fees from outside their region for the individual emails sent.

Chet

Please explain why. Why can't fees can be collected at the country of origin?

Nope, they collect fees from within their regions, for the pay to email scheme to work, they would have to collect fees from outside their region for the individual emails sent.

Chet

Then how does international postal mail work?

they would have to collect fees from outside their region for the individual emails sent.

Chet

Please explain why. Why can't fees can be collected at the country of origin?

Like Nigeria is really going to punch a hole in their biggest growing market. You'll still get spam from the 3rd world--you just won't get it from the 1st world countries. Since most of us are in the 1st world, we'd end up paying more to email and getting the same amount of spam.

Jason, mail works because it is a closed system with only a few entry points, all controlled by one source in each country and any exchange happens between these entities and not every country exchanges mail, for example, you cannot mail iran from the usa. On the Internet, any moron can plug in, start his own mail server and start pumping away.

You can't charge at the source, because then countries would just setup, email tax free zones and allow anyone to send away, and never collect the money because it essentially costs them nothing to do that and they could then charge a corporate tax or fee.

Chet

I'm not following why SMTP can't be made a system with closed entry points.....

Also the idea of spam being a problem is more than just an annoyance, it is a burden on the recipient. If you collect at the source, how does this compensate the person who received the spam?

Right now i am in a tussle with a moronic software company that makes software for universities, in their manual, they use the example [email protected] as an address to use so people can't mail you back (that is their assertion, I have it from 3 separate universities that the system was setup with that as the default). Problem is, I own donotreply.com and their software generates some 3-5,000 pieces of bounced mail a day.

I could give a rats ass what it costs them, I know what it costs me. And that is a cost with no benefit for me. Of course they see no reason why i should be compensated...

Chet

The point is that for someone to send you mail, they have to send you 1 cent with it. As long as the big boys demand their 1 cent/mail, it'll drive the spammers out of business; after all, someone has to pay it to the final receipient. If individual nigerian spammers don't want to pay it, then their government will have to, which will bring a pretty quick end to the whole thing.

The only problems I see are implementation (obviously) and what to do with legitimate bulk mailers. Maybe if you're white-listed the receiver reimburses the sender.

The donotreply thing is hilarious.

hey, chet. which moronic company is that?

edit: now i feel bad for all the times i typed "[email protected]" into web forms.

Then how does international postal mail work?

It's complicated. Here's a couple of links:

-Universal Postal Union (www.upu.int/)
-UPU Wiki (www.wikipedia.org/wiki/Universal_Postal_Union)

Nutshell: countries within the UPU agree to treat individual pieces of mail with proper postage of the origin country as though it had proper postage of the destination country. The total amount of mail to and from each country is weighed, and the postage differances are made up by the country's post office. It's not a exact process, more of a ballpark figure. If US sends GB 100 tons of mail and GB sends US 100 ton, it's a wash. But is US send FR 50 tons of mail and FR sends US 250 tons, FR will pay US terminal dues to make up for the inbalance. All of this is governed by hopelessly complex treaties and regulations. Ever read the DMM (Domestic Mail Manual)? The IMM is worse.

If individual nigerian spammers don't want to pay it, then their government will have to, which will bring a pretty quick end to the whole thing.

Why would you think Nigeria would be willing to pay? Who would collect the money? Where would it go?

I just don't see any pay solution being effective. The only reasonable stick you can wield is to kick a non-paying country off the Internet, and how do you do that?

Just make their IP's non-routable. Problem resolved.

... of course the second you start charging to send emails, say goodbye to all those free discussion mailing lists you may be part of. As well as email notifications from web forums such as this. etc, etc.

Personally, while I hate spammers, spam itself really doesn't bother me as much as it should. I get over three hundred spams a day, every day of the year, and yet I only actually see maybe one or two of those spams every third or so day.

Bayesian spam filtering works wonders, a feature for which I use Mozilla Thunderbird for. For those of you who wish to use another email client, the SpamBayes Project ( http://spambayes.sourceforge.net/ ) has just released version 0.9, which includes a Windows installer now, and is cross-platform compatible. You can use it as an Outlook plugin, or as a POP/IMAP proxy for other email clients on the Windows side of things.

I've also been using Spamassassin for years on a number of email servers, part of which I kind of wish Chet would make it an option for those of us using poehosting. ;)

I'd much rather filter the spam on my end, rather than someone doing it for me, and risking losing something pertinent. Or worse, as has been mentioned, someone being charged for the legitimate use of bandwidth.

That's what I like about the bayesian spam filtering, it's done on my end and allows me to check in on it every so often to see how it's doing.

As for a server-sided option with Spamassassin, most hosting sites that offer it have it configured so that the end-user has to put a config file in their account directory to have it filter their mail, and that config file can set it so that mail marked as spam by the particular levels you want is either deleted outright, or merely marked with a "X-spam" header so you can still download and easily filter on your end.

Freak, regular mail is hard.



If individual nigerian spammers don't want to pay it, then their government will have to, which will bring a pretty quick end to the whole thing.

Why would you think Nigeria would be willing to pay? Who would collect the money? Where would it go?

I just don't see any pay solution being effective. The only reasonable stick you can wield is to kick a non-paying country off the Internet, and how do you do that?

The US would refuse to accept Nigeria's email unless they pay us for it. Seems straightforward enough.

The US would refuse to accept Nigeria's email unless they pay us for it. Seems straightforward enough.

That's the sort of straightforward solution that sounds wonderful until you find out how the internet actually works. How would you tell which e-mail was from Nigeria? Especially with the spammers hacking mailservers in other countries and using stolen payment codes and using proxies to hide source IP addresses.

The Internet was designed to move data (any data) from point A to point B, routing around obstructions as necessary. While I'm sure the original designers were only considering technical failures as obstructions, man-made obstructions are almost as easy to circumvent. The only way to change this would be a fundamental redefinition of the Internet Protocol. Then you'd have to convince every computer on the internet to change protocols. This is highly improbable. Hell, MS can't even get every PC on the internet to install critical security updates.

Look at China, where the government spends large amounts of money attempting to regulate the Internet usage of the Chinese people. Using both legislative and technical means they've clamped down hard on the Internet. Happily, they haven't been fully successful because the Internet resists regulation.

I'm of the opinion that changing SMTP is be the solution to spam, but it must be approached carefully. If SMTP is re-defined in a way end users don't like then another protocol will quickly flourish in its' place. The IM protocols would be my best guess. All the IM services would need to do is add a deferred-delivery option and IM could instantly take the place of email. Look how quickly the P2P protocols spread when end-users demanded them. Changing SMTP to have better technical safeguards again SPAM without trying to force unwelcome changes on users seems the best route. This will prevent another protocol from stealing SMTP's niche.

Oh, there's obvious problems, but I think they're surmountable. Spammers hacking servers on other countries? Not our problem - the other country has to pay to send it to us, and they'll watch that stuff like a hawk to keep from having to pay us too much money.

The thing is, I don't think this would change much for end-users, excepting discussion lists. You'd just see "send 1000/emails a month for free, 1 cent per after" added to ISP price listings.

The big change would be at the ISP level; no more direct connect & send. There'd have to be a tree you send the mail up and down.

So the solution is to change the entire basis as to how email is sent, requiring hardware and software changes at every last level of network in the entire world, as well as a system put in place at every last email server (not everyone relies on an ISP to handle mail) so that it can monitor all incoming emails and attempt to properly charge the responsible parties hard cash?

I see just another messed up, complicated system that will still be gotten around, and will only result in new scams being developed. Heck, in this system, viruses could be created to email thousands of dummy accounts held by an organization that simply wanted to collect the fees. Not to mention simple email log fraud involved once real money becomes involved.

I'd say a much simpler solution would be to admit that no solution will be perfect, and to look at realistic solutions that can be put into place tomorrow.

For example, make sure you use an ISP that does reasonable spam filtering on their end, and do a reasonable amount of filtering on yours.

Is a few spam emails that will get through every so often really worth the cost and complexity that these "pay to send" programs entail?

Maybe. A spam system that blocks a legitimate mail really sucks, though.

But to send "legitimate mail" you're going to have to make a number of people jump through hoops they may not be willing to make.

Example: Small company X has their own email server running off their own domain. They'll now have to either have an agreement with an ISP to handle all their e-postage-stamp billing and payment (Yay! More ways for ISPs to take our money!) or do it themselves. Now multiply that by hundreds of thousands of small businesses and you've just added far more complexity than there should be.

Most spam blockers and filters these days can be configured with various degrees of filtration and marking. When you can score your messages for spam content, all you have to do to prevent false positives leading to lost legitimate mail is simply raise your score requirements for something to be marked as spam. Sure, you'll let through a few spam mails, but is one or two spam out of hundreds really all that bad?

Beats me. I just don't expect bayesian filtering to hold up.

Well, honestly, if your spam problem isn't serious enough to make you at least try one of the Bayesian filters, then it probably isn't serious enough of a problem that we should be looking into changing the entire Internet. ;)

I certainly wouldn't shed a tear should a hunting party go off and lynch Alan Ralsky (www.freep.com/money/tech/mwend22_20021122.htm), but far too many people complain about spam as if it's personally killing their pet and running off with their mate, all while not every trying some of the reasonable solutions to reduce the angst the issue causes.