Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Microsoft

Penny Black Project Investigates Sender-Pays E-mail 364

Posted by timothy
from the what's-the-deductable-please dept.
Anonymous Coward writes "The Inquirer reports: Microsoft contemplating charging for emails. 'MICROSOFT IS UNFOLDING something it calls the Penny Black project in which people sending emails might have to pay for the privilege.' Microsoft's explanation of the project is here: The Penny Black Project." There are a lot of things going on at Microsoft Research -- no guarantee that particular ones are going to be released in the real world. (And Microsoft isn't the only party interested in sender-pays, or at least sender-risks-paying systems.)
This discussion has been archived. No new comments can be posted.

Penny Black Project Investigates Sender-Pays E-mail

Comments Filter:
  • by GreyWolf3000 (468618) on Saturday February 15, 2003 @02:59PM (#5309605) Journal
    The Penny Black project is investigating several techniques to reduce spam by making the sender pay. We're considering several currencies for payment: CPU cycles, memory cycles, Turing tests (proof that a human was involved), and plain old cash.

    This is an anti-spam tool that doesn't need to be paid in cash. This also presents /. with an interesting juggling act: we hate Microsoft, but we also hate spam.

    • At this stage as a research project it's a tool that doesn't need to paid in cash.

      Why do I suspect that by the time Microsoft management gets through with it, it will be payable in cash only, and to you know who.

      Want to send email to anyone to or from MSN, Hotmail, or any other MS-owned domain? Sure thing -- is your license of Microsoft Postage paid up?
      • This wouldn't bother me one bit. I don't have any desire to send messages to anyone with any of those addresses. Nor do I wish to recieve email from anyone with those addresses.

        The unfortunatly thing would be that I can see the US postal service jumping on board with this. Issuing every US citizen a unique email address and then charging for it's use. Which I also have absolutly no desire to have, or pay for.
    • by $$$$$exyGal (638164) on Saturday February 15, 2003 @03:07PM (#5309655) Homepage Journal
      This doesn't look like an anti-spam tool:

      The Penny Black project is investigating several techniques to reduce spam by making the sender pay. We're considering several currencies for payment: CPU cycles, memory cycles, Turing tests (proof that a human was involved), and plain old cash.

      This just looks like a group (of smart people) that are investigating ways to reduce spam.

      --sex [slashdot.org]

    • it would never work (Score:4, Interesting)

      by Anonymous Coward on Saturday February 15, 2003 @04:37PM (#5310132)
      I'll tell you why this would never work - or actually maybe why it *will*. Because big business can afford a penny per message and little guys can not.

      For instance, I run a popular auction site and on your average day my system sends out about 1,500 auction-won notices, 1,500 auction closed notices, 2,000 auction closed without a winner notices, 200 account related notices (new accout, lost password, etc) and about 500 misc emails for other various reasons.

      This comes out to almost 6,000 messages per day from my system (which is 100% free by the way). This doesn't even count personal correspondance.

      Now there are a few questions. First, I run my own mail server for the auction site. Do I pay myself $60/day to send email? Or do I pay my ISP even though it isn't their server? Or do I pay microsoft for the right to send email from myself through my own server to my own users who are expecting to get these messages?
    • by Ed Avis (5917) <ed@membled.com> on Saturday February 15, 2003 @05:00PM (#5310245) Homepage
      The idea of using CPU cycles as payment is not new, check out Hash Cash [cypherspace.org].
  • by aerojad (594561) on Saturday February 15, 2003 @03:00PM (#5309607) Homepage Journal
    I think my desire to see the 1998-99 internet doubles every time I see a story like this.

    It is rapidly being forgotten that things being free was one of the reasons why this internet thingy took off in the first place.
    • by quacking duck (607555) on Saturday February 15, 2003 @03:05PM (#5309634)
      It is rapidly being forgotten that things being free was one of the reasons why this internet thingy took off in the first place.

      Much like freedom though, there are always the jackass minority that abuse it and wreck it for the rest of us.

      • by gilroy (155262) on Saturday February 15, 2003 @03:22PM (#5309746) Homepage Journal
        Blockquoth the poster:

        Much like freedom though, there are always the jackass minority that abuse it and wreck it for the rest of us.

        Ah, the Tyranny of the First Defector: Whoever first decides to abuse a system reaps maximum reward, which (a) encourages more defectors and (b) reduces the willingness of collaborators to remain in the game. It happens because defection lowers the average benefit, but the defector doesn't care about average benefit. He cares only about his specific benefit, which can easily exceed the average.


        The end result, though, is that the average benefit declines and the specific benefit decreases even faster until we're all stuck mucking around at a single, much lower benefit. Phoo!

    • RTFA (Score:4, Informative)

      by Keebler71 (520908) on Saturday February 15, 2003 @03:27PM (#5309784) Journal
      RTFA, this isn't about charging for email use. This is about making people ACCOUNTABLE for excessive email abuse (i.e. spam). Just one of the options being considered is charging money for it, also considered are cpu cycles, etc.
    • I have a good idea. Why don't we build a new internet?

      See sig for details.
    • The end-user will be in charge of debiting the sender. If a stranger sender is told that he must pay, but will be credited if it's not SPAM, the SPAM problem is solved. Rich spammers can spam me all they want for ten dollars a piece.

      Join the IM2000 mailing list.

      http://cr.yp.to/im2000.html
      • Seriously, I think this is a really nice plan. Sort of like a deposit program. Yes there will be abuses, but the fact is that it is a reasonable start and does NOT cost money.

        The problem I have with paying to send an email is that it is yet another cost to add to your monthly bill.

        People like to pay for things in all or nothing mode. Why do you think people get cell phones that say you can call for X minutes for free. Pay cable and you get X channels, etc.

        When you are nickeled and dimed to death people become conservative when they should not. Witness in Europe the changing Internet usage when people switch to DSL or Cable.

        But back to the point, REALLY nice idea....
  • by SpikeSpegiel (622734) on Saturday February 15, 2003 @03:00PM (#5309610)
    This could be a good thing, after all, if spammers had to pay for all that mail they send, they would have problems sending millions a day.

    On the other hand, I don't want to pay for email, I already get it for free. I think that this idea would be great if it could somehow charge spammers for emailing me, while letting me send out whatever i want.

    Email is already free, I don't see a way for any company to charge for it, but I am all for using any tool to stop spam as long as it doesn't hurt me.
    • How about you pay a fee for every email you send beyond the twentieth one. Most would never incur such penality. However, it would destroy the idea of 'free' newsletters being sent by email.
    • How about trying this idea out: Every email account gets ten free emails per day, and after that, they are charged. Or, in a similar vein, give each email account a (low) free bandwidth count (number of kilobytes), and after that, charge them.

      I think either of these would work, but only if *every* *single* *ISP* *in* *the* *world* did this. If even ten percent didn't, we'd see a mass migration of spammers to thos sites. Then again, if that happened, it'd be very simple to block those sites :)
      • Every email account gets ten free emails per day

        Why 10?

        I was sorting out my work inbox this afternoon and noticed the number of emails received today:
        20 personal emails from coworkers and friends (yes, we are allowed)
        Around 10 from customers I have performed tech support duties with
        20 from other departments connected with my work
        And at least 20-30 informational emails from our administation department which are essential to perform my job.

        Yes it is an Exchange server, but that doesn't account for the external emails I send/receive from customers and other coworkers in the field, who use external mail servers.

        Maybe you are referring to personal mail accounts, however, 10 is very limited - imho of course.

        Tim

    • Would spammers really have a problem spending money to send emails?

      Lets think about this:

      1) Ever looked at your snail mailbox? No SPAM there, oh wait yes there is....
      2) Ever sat down at the dinner table and had somebody phone you? No SPAM there, oh wait there is too....
      3) Ever turn on TV in Europe late at night and had to watch during the commercials how you have the chance to talk to a "really mature and hot woman". No SPAM there, oh wait there is too...

      The point is that because the Internet is free does not mean there is more or less SPAM. Even SPAMMER have costs, like finding a server, bandwidth, etc. I would even say that the ISP's contribute to the problem because often they turn a blind eye to SPAMMERS themselves. SPAMMERS chew up valuable bandwidth, which in turn makes money for the ISP.

      Charging for SPAM will do nothing to lessen the SPAM. It will only increase the price of those that want to SPAM. Face it folks advertising, or OOPS SPAM is here to stay and it is getty nasty!
      • OK, I'll bite.

        1) Ever looked at your snail mailbox? No SPAM
        there, oh wait yes there is....

        Paid for by the sender. In addition, the DMA has an opt-out list that they honor.

        2) Ever sat down at the dinner table and had somebody phone you? No SPAM there, oh wait there is too....

        Again, paid for by the caller. Again, an opt-out list (state-by-state in the US, anyways). The magic words are: "Put me on your do-not-call list... NOW!"

        3) Ever turn on TV in Europe late at night and had to watch during the commercials how you have the chance to talk to a "really mature and hot woman". No SPAM there, oh wait there is too...

        And how do you think that the "free" TV is paid for? In addition, on TV, you have multiple channels.

        In all your examples, the financial onus is on the advertiser. With current email models, there is no financial onus on the sender, so it's economically feasible for them to send zillions of emails for an INCREDIBLY small return.
    • With one tweak, it could be quite tolerable.

      Let's say it's FREE to send email to people who's "white list" you're on. This would include (if you're like me) 95% of the emails you send each day.

      When you're sending an email to someone who doensn't know you (e.g., you're not in his addressbook "whitelist"), it costs you a penny.

      For me, it would probably cost me between a dime and a quarter each month. I'd say that's well worth it to stop spam *and* to increase the chance that an email I send cold is read.

      Sadly, most--if not all--unsolicited email I receive goes straight into the recycle bin. Who knows what I'm missing?! --

  • The easiest way to deter spam is to charge per byte rather than a flat monthly fee. Of course this has the (sometimes) undesirable side effect of increasing the cost of downloaded/pirated goods...
    • by jrumney (197329) on Saturday February 15, 2003 @03:09PM (#5309662) Homepage
      Since spammers most often hijack the resources of others to send their spam, making the "sender" pay directly will often hit the wrong person in the pocket. The real solution is to prevent the hijacking of resources in the first place. It does look like some of the Microsoft Research proposals (the Turing test idea in particular) might address this problem to some degree too, it will be interesting to see some more details once the research has progressed.
      • Although it's not detailed in the report, I don't think the scenario you're describing is a problem. All you need to do is to redefine 'sender' to be the originator of the email, and NOT the first MTA the email hits. Ie, the 'sender' is the spamming mail client. The ISP's MTA, for example, would demand the same ticket exchange that the receiving MTA demands. In effect, the resultant ticket exchange is the sending client, and the receiving client... the MTAs just pass tickets along.
  • nah (Score:3, Insightful)

    by awx (169546) on Saturday February 15, 2003 @03:01PM (#5309613)
    from the article:
    The Penny Black project is investigating several techniques to reduce spam by making the sender pay.

    Well sorry, but I get a pile of junk mail every week on my doormat through my post and in my papers - and the senders have had to pay both to print AND send that...
    • Re:nah (Score:5, Informative)

      by Mitreya (579078) <mitreya.gmail@com> on Saturday February 15, 2003 @03:17PM (#5309721)
      Well sorry, but I get a pile of junk mail every week on my doormat through my post and in my papers - and the senders have had to pay both to print AND send that...

      Well, yes, but from what I understand this pile of junk mail supports the post office. Now spam supports no one and steals resources from everybody's networks.

      Also, junk mailers tend to be pretty good about removing you from their lists precisely because it costs money to send junk mail. When it costs money, they will not send it to someone who resents them enough to call with removal request. Again, spam has no such insentive... your email becomes more valuable with "active" mark, that's all.

      • Re:nah (Score:2, Informative)

        by jfruhlinger (470035)
        >Well, yes, but from what I understand this pile of >junk mail supports the post office. Now spam >supports no one and steals resources from >everybody's networks.

        Actually, junk mail is sent at bulk mailing rates so low that in fact it costs the post office money, which they then pass on in the form of 1st class mail stamps. All postal rate increases have to be set by congress, and the direct mailing industry has a powerful lobby, so it is very difficult to get those bulk rates increased.

        • Re:nah (Score:5, Informative)

          by Guppy06 (410832) on Saturday February 15, 2003 @05:15PM (#5310310)
          "Actually, junk mail is sent at bulk mailing rates so low that in fact it costs the post office money, which they then pass on in the form of 1st class mail stamps."

          Spoken like someone who has zero experience with bulk mailing.

          "Bulk mail" is cheaper for the simple reason that it is a labor-sharing program between the USPS and the mailier. The mailer pre-sorts their mail (hence the official name "presorted mail") by region before handing it off to the post office. The finer the level of sortation, the less the mailer pays in postage. A mailer that goes so far as to sort down to the carrier route (putting the pieces in the tray in the order the delivery person goes down the streets) pays considerably less than mailers that sort just by three-digit zone. This is sorting that the USPS itself doesn't have to pay for, hence the smaller postage.

          And on top of that, the mailer can elect to drop the mail into the mailstream closer to the delivery point. Mailers pay less if they're willing to drop the mail off in the destination zone themselves, and they even have the option of dropping the presorted mail off at the destination post office.

          The price of first class mail versus standard mail doesn't subsidize standard mail, it pays for services that don't come with standard mail. Services like "forward to the recipient's new address," "return to sender" and the like. This is why putting "return to sender" on those CDs AOL sends through standard mail doesn't do a damn thing; they didn't pay for the return-to-sender option.

          "All postal rate increases have to be set by congress,"

          No, they're set by a board of governors appointed by the White House and approved of by Congress. Congress can only say "yes" or "no" to rate change proposals. Anybody that wants to make alterations to rates have to go through the board of governors.

          "and the direct mailing industry has a powerful lobby,"

          Yes, direct mailers have representation in the board of what the USPS refers to as "stakeholders," but they are far from the only stakeholders (ie. customers) represented there. For example, all bills must be mailed at first class rates, which means utility companies are interested in keeping first class postage down.

          But this is all besides the point. There is no cross-subsidization between rates as you are suggesting. That is flat-out illegal and frequent GAO investigations have shown that this is not happening (and I dare you to find a link with unrefutable evidence to the contrary) (No, intentionally misleading "libertarian" opinion pieces don't count). And even if they were compelled to keep standard mail rates lower, the USPS still has the problem of paying for itself, as postal operations aren't subsidized by taxes.

          All in all, the USPS runs a heck of a lot more reputible operation than, say, any Baby Bell or CATV operation. They don't have anywhere near the public oversight the USPS has, which gives them more freedom to abuse their monopoly powers. And in the end, these corporations care about their investors far more than their customers.

          And if you want to talk about powerful lobbying groups, take a look at all the money UPS is throwing at Congress to have the whole thing shut down. The same UPS that has raised their rates higher and more often than the USPS. Hey, it keeps the shareholders happy...
    • by Judg3 (88435)
      Well sorry, but I get a pile of junk mail every week on my doormat through my post and in my papers - and the senders have had to pay both to print AND send that...

      Not only that, they get a special "bulk" rate, thats about half of what we pay to send snail mail. So odd's are the same model might apply to email - our email's would cost a penny each, the spammer's about a half cent each.

  • Good news! (Score:3, Funny)

    by Pilferer (311795) on Saturday February 15, 2003 @03:02PM (#5309617)
    I'd love to see spammers pay a penny per spam. Or better yet, pay ME a penny per spam! I'd be rich! (Insert 1..2..3 Profit! joke here)
  • by fmaxwell (249001) on Saturday February 15, 2003 @03:03PM (#5309623) Homepage Journal
    Every time that a discussion of anti-spam legislation comes up, there is always some vocal minority that screams about how all laws are bad, spam is free speech, the government is evil/incompetent/big brother, and other such nonsense.

    Well, without legislation, this is the way that the market will handle the problem. They will put a for-profit, sender-pays e-mail system into place.

    If you don't want to see this happen, contact your Congressional representatives and demand that they pass legislation making unsolicited commercial e-mail illegal.
    • Except one doesn't necessarily have to pay with money. As the article clearly states, the "payment" can be either a Turing test, money, or CPU cycles.

      Give me one reason to believe that Microsoft is stupid/bold enough to get away with chargine Joe Sixpack for his e-mail (given the amount of control Microsoft has over the e-mail market right now).

      Also, saying this is a slippery slope and, while it may begin with good intentions, could eventually lead to widespread abuse is the very core of most "anti-government" arguments. While you didn't spell this out explicitly in your post, you'll have to fall back on that argument at some point, given that the article states good intentions, and you're accusing them of having bad ones.

      Is Microsoft a bad company? Yes. Was your post nothing more than self-important posturing? Yes. Did you read the article? Probably not.

  • how the hell do they expect to collect, and who do they expect to actually pay this?

    Sounds like an interesting pipedream by someone from Microsoft's research department, I'm not going to pay them, yes, I use OE, (great, I'm going to get dozens of virii now...), but I'll switch over to pegasus mail or some other free mail application. Hell, I'll try to rig pine to work just for the hell of it...
  • Just fix SMTP! (Score:4, Insightful)

    by crt (44106) on Saturday February 15, 2003 @03:06PM (#5309642)
    This whole thing is really just a way to deal with the fact that SMTP doesn't do any real authentication of ANYTHING when it receives a message. Developing a whole side protocol to run along-side SMTP and "verify" that a message is sent by a human or creating some micro-payment scheme really seems like a waste - getting it widely adopted would be at least as hard as getting a replacement protocol for SMTP adopted - so why not focus on that?

    An SMTP replacement that verified - at least - that the domain of the sender was correct - would cut down on spam tremendously. Virually all spam I get has forged headers and invalid reply addresses.
    • by tpengster (566422)

      Changing SMTP means switching over every SMTP server and relay.. that's a lot of work and there's a lot of financial resistance to that.

      On the other hand this micropayment system can be implemented on TOP Of SMTP... using a server that issues digitally signed tickets, which can simply be appended as an attachment to the emails.

      Certainly this system will meet some resistance as well, but much much less. It will only require the clients to change what they are using, not the servers. However in the long term we could probably consider a replacement for SMTP... for example we could roll out the client code together with the client code for this Penny Black system. Then, if this system gets wide spread then people can deploy replacement-for-SMTP servers confident that clients will be able to use them

      • You could just expand SMTP like has been done before. If the capability to authenticate micro pay etc was added in in such a way that didn't break old versions thats gives people the ability to migrate then turn off old non generation X clients or even better severly limit there ability to send mail.

        Authentication isn't that hard user name and password backed by radius like nearly all the dial in and PPoE connections are handled now this makes trust relationships easy to set up etc and it's not something new for the ISP's

        Removal of random relays not allowing outgoing syn's to destination port 25 is pretty easy and smart hosts are easy as well. This lets you still get all the incomming eamil you want with you own server etc but says no you must authenticate to leave the ISP if something gets sent along with this as in an appended header again it's easy enough to trace. Yea this does make it suck when the ISP's mail server goes down but hey if your that worried then you have a backup ISP right use that one (this is starting to sound like UUCP)

        Throw is some crypto say a PGP signing with the public keys stored in a DNS record to make it easy. This means the headers can be signed and we can reject anything that failed that test.

        Hrm what do we end up with a decent solution for a few years from now the sooner it gets started the sooner we get less spam.
      • by dmelomed (148666)
        You could easily run a service along with SMTP on a different port. This is how it's done with Qmail for example. The new service is advertized through MX records with special distance values. If a remote client supports the new transfer protocol, the MX record will tell it that your server runs this alternate protocol.
      • There is a natural solution to this problem - that also solves the problem of legitimate mass email.
        1. All penny black servers must also support SMTP authentication.
        2. Unauthenticated email clients must provide a penny black payment.
        3. Authenticated clients need not do so.
        This scheme allows SMTP authentication to be gradually deployed. Any enterprise with an SMTP server will be motivated to implement SMTP AUTH + Penny black to stop spam. Initially, clients without authentication will use the penny black system. If that is a bother, then they can upgrade to proper SMTP authentication.

        Legitimate mass email simply needs to support SMTP authentication.

    • IM2000 (Score:4, Interesting)

      by dmelomed (148666) on Saturday February 15, 2003 @04:26PM (#5310082)
      http://cr.yp.to/im2000.html

    • Let's say a SMTP replacement is in place and you now know for certain that the spam you just received did in fact originate from throwawayaccount@isp.net . Now what good is that information, since by the time you act on it, the spammer is done with the account?

      SMTP is clearly not the problem.

      maru
  • by Sebby (238625)
    ... but I still don't trust Microsoft.

    I think the solution to spam should be an open, non-proprietary solution, which means it will likely be open-source or IEEE/W3C approved.

  • So, the plan is to make the hundreds of millions (if not +1 billion) individuals who properly use email for individual communication in order to stop or slow down the few tens or hundreds of professional SPAMers from the expense of mass emailings. Why do I think this benefits the toll colector more than me? Why can't international and nationa legislation solve this problem?

    I would argue that the real solution to SPAM is to fix SMTP such that it authenticates users and servers at the protocol level while mail is passed from the originating server to the final destination. But of course, there's no need to charge a per-email fee in such a circumstance. And while I'm not surprised to see Microsoft devoting R&D dollars toward such a scheme, given todays 'charge for it and make it fit into an economic model or it doesn't exist' guilded age we should expect MS is only one of many to try and find a way to extract more money for the things we take for granted as free today. Would anyone like to buy some of my bottled air?

    --Maynard
  • Imagine what a dilemma this story would have been for the /. editors! While on the one hand wanting to trumpet "Yay! The end of spam!!", the other half wanted to write "No!! M$ is up to its dirty tricks again to demolish your last bit of freedom!!!". Note the uncertain, uncomfortable tone of timothy's comment: "There are a lot of things going on at Microsoft Research -- no guarantee that particular ones are going to be released in the real world." ;^)

    • Re:What a dilemma! (Score:5, Informative)

      by timothy (36799) on Saturday February 15, 2003 @03:27PM (#5309780) Homepage Journal
      Actually, I just wanted to make sure that the submission wasn't misinterpreted to mean that "Microsoft" was planning to implement this system, and that it's still ("just") a research project.

      It sounds like a decent idea to me, but with certain thorns. The biggest one is What about legitimate, truly-opt-in mailing lists? Email is a genuinely low-cost communication method for non-profit groups (not just official tax-exempt non-profit groups,I mean all kinds of clubs, associations, groups of friends, etc.), and a per-email fee intended to hinder junkmail could also pinch a lot of people I wish it wouldn't. Maybe in the end that would be a fair tradeoff, but as spam filters get better (and ISPs get more aggressive about blocking spam on their side), I'm skeptical of that.

      Also, some people send a lot of short emails; does charging per-email make sense vs. (for instance) per-byte?

      And as for my opinions of Microsoft, well, you're free to read my earlier comments about Microsoft if you want to learn that;)

      Tim
      • Re:What a dilemma! (Score:2, Informative)

        by jrumney (197329)
        a per-email fee intended to hinder junkmail could also pinch a lot of people I wish it wouldn't.

        It seemed to me that they were being careful not to pinch those people, by proposing tokens which get cancelled by the recipient if the email is genuine. They also talked about whitelists in the article, which I suppose is a method of automating the token cancelling.

  • by sstory (538486)
    I'm sure MSFT shouldn't be in charge of this, there should be a gov't mandate to ISPs, and international treaties to cover the world, ensuring that a server in Kazahkstan doesn't just fill the gap. We have to change the economics, becaues complete filtering is impossible, and email is becoming tiresome from spam. Why should you have to hide your email address in communications? Death to Spammers.
  • Bandwith charges? (Score:5, Interesting)

    by russianspy (523929) on Saturday February 15, 2003 @03:16PM (#5309709)
    Here is an idea, it is borrowed from the way ISP's pay for bandwith.

    Why not make networks pay for the e-mail that originates there? Subtract the e-mail that arrives. For most companies/networks - that will be just about an break even proposition. For the ones who allow spammers - well... that is going to get expensive pretty quickly. Sooo... they will either boot the spammers off, or get them to pay it. Either way, we win!
  • They would start by giving Hotmail users real spam filtering, instead of a limit of 250 blocked addresses. It's incredibly easy for spammers to cycle through that many addresses-- especially if you have more than one spammer throwing that sh*t at you.

    One day this week, I had 20 new emails when I logged into Hotmail, and they were all spam. This is a little more than usual, but this is a dormant account, folks! I am considering abandoning my Hotmail account because of this sorry situation. Other email accounts I have use more effective spam fighting measures, and I have the ability to filter it in Evolution, thank goodness. I have a hard time believing that the 'penny black' scheme would be much of a solution-- I think we're talking about legislating fines, a la telemarketers. We already pay our ISPs for the privilege of email and other services, and I presume spammers are paying for the bandwidth they're using, too. If MS wants to impose this upon its own Internet customers, more power to them if they're really spammers, but I don't think they should be in charge of this issue for the Internet.

    • Believe it or not, I have a hotmail account that recieves absolutely zero unsolicited emails. My other hotmail account recieves hundereds per day, its the address I use when I don't know that I can trust the recipient. My ISP account is at the same spam level as my low spam hotmail account.

      Hotmail is a very good service, not to rely on, but to have so you can sign up for websites and not spam your email address, and so you can sign up for interesting mailing lists where you can't trust their "no spam" or "opt out" promises.
      • I used Hotmail for much the same reason that you do, but I now use Yahoo mail for the same reasons. Yahoo mail has better spam protection, down to being able to mark particular messages as spam. I like it a lot better. It's bizarre how spammers latch on to certain email addresses-- but people have to have a way to get themselves "unlatched".
  • by jcsehak (559709) on Saturday February 15, 2003 @03:23PM (#5309754) Homepage
    Let's say the guys over at Penny Arcade want to send a gif out to all their loyal fans. Let's say their mailing list was 5,000 people long. It's gonna cost them $50! And if you charge per MB, it'll probably cost even more. Spam, like piracy, needs to be fought with a technical solution. These penny-a-mail type hacks just end up hurting the little guy.
  • by Buzz_Litebeer (539463) on Saturday February 15, 2003 @03:24PM (#5309765) Journal
    every mail over 100 per day through a server outside of the inteernal network (you know to the internet) would cost 1 cent a peice.

    IE you could send 1000 internal e-mails over your own network and pay nothing.

    You send 1000 e-mails to people "outside" of your inernal network in a day you pay 900 cents, or for those of you with math mad skillz thats 9 bucks.

    So a spammer trying not to pay a lot of money would have to send only 100 e-mails a day for free.

    if he sent 5000000 e-mails in a day thats 5000000-100, 4999900 pennys, or for those of you in the math "know" its 49,999 dollars.

    Now im sure that if a spammer were to have to pay 49999 dollars to send E-MAIL, their business would become less than profitable.

    Most users dont send 100 e-mails a day, even when i was getting 70 e-mails a day i didnt reply to all 70.

    auto responce mails could be ignored.

    large companies might get a "bulk" rate on e-mail, or move there services to online methods of checking (IE they dont have to flood mail servers with 'gamespy announces it got cooler') kind of e-mails.

    anyway the idea has some merits, though even now I can tink of a great many problems with it.

    anyway just a little teaser idea.
    • I install a copy of sendmail on my computer and use it to spam a hundred thousand people.

      Who charges me? Mail is just TCP/IP traffic.
    • A typical bugzilla installation (and this holds for most bug systems) will send one e-mail to everyone cced on a bug for every modification to that bug.

      Mozilla's bugzilla gets about 200 bugs filed a day (most of them also get marked duplicate the same day). Each bug generates a minumum of 3 mails -- reporter, assignee, QA contact. That's 1200 mails a day right there (600 to open them, 600 to resolve duplicate).

      This is not even including the real work that happens with the bug database... I'd estimate that on a typical day about 10000-20000 email messages are generated by bugzilla.
  • If you think... (Score:2, Interesting)

    by jpellino (202698)
    ...that this will be limited to spammers, guess again. Once MS figures out how to charge anyone for sending anything, they will patent it, make it a standard, and implement it in every product they sell. And with their still overewhelming monopoly, this will go Charlie Foxtrot in record time.

    And by the way, my incoming spam cost me only aggravation, and I'd rather tweak my mail.app settings than to pay someone by the message. By 'recipient' they must be referring to people running their servers and having to filter this stuff. Boo-fricking-hoo. Solve your mail server problems and do it in the ost resilient monetary fashion.

    Maybe they're lining up behind the gummint under the apparently delectable idea that we can trample everyone's rights and assumptions to make life a little easier for people who aren't doing their job in the first place.

    This is the electronic equivalent of plastic sheets and duct tape.

    "We're from Miscrosoft. We're here to help."

    Yes, I know it's only research, and it may never see the light of day, but then explain the rest of the half baked MS implementations that have been sanctified, dogma-fied, shoved down our throats and caused us to question our sanity - directx, .net, IE, access, passport, the most vulnerable servers ever devised, and that christless butterfly.

    I gotta go.
  • From the Nov. 29, 2002 UnderReported.com story Microsoft and US gov teaming up to monopolize new "certified e-mail" postmark [underreported.com]:

    According to a Nov. 21, 2002 Seattle Times article:

    ...at the Comdex technology trade show this week, ... a mundane product quietly unveiled at Microsoft's booth may have more of an impact on the average computer user.

    On display was an electronic stamp the U.S. Postal Service plans to sell to certify authenticity and delivery time of e-mail.

    [...] The plan is to have e-mail-postage software available in the next 30 to 45 days At first, it would be an add-on to Microsoft's popular Outlook e-mail-management software.

    Later, it would be bundled into the new version of Microsoft's Office suite, due around summer. When loaded, it would appear as several buttons on the Outlook control panel.

    Users would pay the Postal Service anywhere from a penny to $2, depending on the volume of use, to add an official stamp of authenticity. The stamp would be applied with a click, not a lick.

    [...] Several attempts by companies to charge per e-mail for authentication services have failed, noted analysts at IDC, a research company in Framingham, Mass. [...] A key reason is people still don't trust the technology enough, IDC's research shows.

    [AuthentiDate Chief Executive Rob] Van Naarden said electronic postmarks will succeed because they have federal authority. He said the stamps would provide legal force to electronic documents, and the Postal Service can prosecute people who circumvent the system.

    So now it becomes clear why the Bush administration has gone easy on Microsoft -- it planned to become its business partner.
  • Don't you just love the way they trick into thinking this is great news by putting "MICROSOFT IS UNFOLDING" all in caps?
  • Hmm. (Score:4, Insightful)

    by Forkenhoppen (16574) on Saturday February 15, 2003 @03:40PM (#5309839)
    So if you send an email, you have to put a penny on the line. If it gets through, and the person on the other end doesn't think it's spam, then you get your penny back.

    This is an interesting idea.. I just don't see how its any better than forced verification of the originating addresses on an incoming email, though.

    I mean, I can see how this could get expensive for the type of people who forward around those annoying chain emails, or jokes or what have you. Undoubtedly, they'd cut it out after realizing that people aren't reimbursing them for their email. But for the spammers at large..

    See, the thing is, you're putting the responsibility for this back on the users. If I get an email, I'm either going to have to manually reimburse them, or manually not reimburse them. The onus is still on the end user.

    Sure, they might be investigating Turing-test checks for spam, and the like, and yes, there is Bayesian filtering now too. But this is all still going to have to be there to automate the process, even with this transaction system.

    I would've hoped that, by now, we'd be looking at ways to move this onto the system, in the form of proper verification or something, so we the users don't have to deal with it as much. (To those of you talking about having to upgrade all of our infastructure to handle verification, should the protocol change, what makes you think we wouldn't have to if a transaction pay-per-email system comes into place?)

    The other problem I see is that these spammers might just not care about the cost. I mean, c'mon, a penny an email? That's still cheaper than a snail-mail ad.
  • Didn't Bill Gates discuss a method of sender-pays-email in The Road Ahead?

    The sender would "attach" a certain amount of money to the email which the receiver can either cash or return. Example:

    - If I want to send my friend an email I don't have to pay him, he knows me and likes me so I'll be on some sort of "white list"

    - If I want to send spam I'll need to attach some money so I'm not filtered out (who wants 1 cent emails? you would of course filter these, start with a dollar or so). Now if the receiver doesn't want to buy Viagra he'll cash in the dollar. If you get several spam-mails a day that's easy money!

    - If I want to contact someone who doesn't know me, I'll attach 100 dollars and expect that money to be returned as the receiver finds out I'm his long lost brother.

    This way you effectively stop spam (or earn cash with it) and it is only a small disturbance.

    Please note, this is not my idea, it's Bill Gates'. The above example is my recollection of the example in the book.
  • Mailing lists (Score:3, Insightful)

    by gmuslera (3436) on Saturday February 15, 2003 @04:13PM (#5310008) Homepage Journal
    How you say when a mailing list (a message that goes to a lot of mail addresses) is a "normal" mailing list or spam?

    If you force the remote machine to do a calculation, pay something or pass a turing test most mailing lists will disappear. If its implemented in some server (lets suppose Hotmail to fix ideas) then all users there that want to join mailing lists wich administrators don't want to afford whatever measure of this kind, well, would have to leave hotmail or open a mailing list account somewhere else.

    Using white list could be a solution, but this also could limit the freedom of having your own mailing/distribution list.

    And speaking of this, if you server is not ready to pass the MS test (i.e. it requires .NET installed), this could be more harmful. How you detect an spammer that don't have this kind of software/control installed from, say, someone with a normal mail server, that don't send spam but for any reason don't "upgrade" (if this is possible) the mail server?
  • by Willy K. (19859) <wkoffelNO@SPAMalum.mit.edu> on Saturday February 15, 2003 @04:13PM (#5310009)
    People are focusing a lot on the idea of paying real dollars in order to send e-mail. The thrust of the research in this article appears to be for alternative "currency" models.

    So for CPU cycles, here's what I think they are doing:

    Every email account has a notion of a "ticket pool". A valid ticket is very expensive to create. Say, it takes 5 minutes to make one on a fast modern machine, at 100% CPU.

    When I send an email, a ticket is attached to it. This ticket is required for sending mail (say, through the Hotmail SMTP servers, for example). No ticket, it bounces back to me. When I get a reply to the mail, or perhaps some other sort of acknowledgement from the receiver that they meant to receive the mail, I get credit back for the ticket I used.

    In normal circumstances, you almost never have to create new tickets. If you have 10 in your pool, and you are mostly emailing co-workers and friends, you never run out of tickets, and everything acts just like it does today.

    However, if you are a spammer, and you want to send 1,000,000 emails per day to people who don't really want to get them, and are never going to reply to your email address (which, to make things worse, probably changes with every batch you send out, to keep yourself anonymous), it's too "expensive" to stay in the spam business. To send 1M unsolicited emails could cost up to 1M tickets, which you may never get credit back for. To generate those would cost 5M minutes on the client machine, which would mean 9.5 years of number crunching, to send one day's worth of email. Clearly not feasible.

    Let's say we cut the time per ticket from 5 minutes to 5 seconds. Now, it's almost unnoticeable for normail email usage. An extra 5 seconds to send a mail? Totally not a big deal unless you are mass mailing. But again, to send 1M mails per day, even 5 seconds per mail costs 57.8 *days* worth of CPU crunching. Also completely not feasible.

    Sounds like a great plan to me, once all the details I'm glossing over are worked out, but that's what research is for!

    The only issue here, that Timothy hit on in a follow-up comment, is that there'd have to be mechanisms for valid mass-email to be sent out. Banks sending statements, Organizations sending email-newsletters, etc. Perhaps there'd be a way to give them a pool with a million tickets, and rely on whatever mechanism was used by the receiver to credit them back after the newsletter was read/received..something like that.

    (Ah, the devil is in the details...)

    Tricky project to get right, but it could definitely be a win/win.
    • Seems to me that the way to implement this that provides the capability for valid mass email would be to allow the receiver to provide tickets for mailing lists and other opt-in information services that they want. In other words, certain white-listed sources would be able to be marked (in some way) as pay-on-receipt (like COD or Cash On Delivery). Obviously, that's not a technical proposal since it provides no meaningful details, but I think that general kind of approach might be a good starting point. If I really want to receive mass emails from certain folks, then I should not have a problem with spending 5 seconds of my own CPU time to generate a ticket for that email. Of course, I would only want certain people to be able to send me COD messages - everyone else can take a hike, or pay themselves.
    • Wouldn't it be easier to just have the smtp server delay the response to the TO field by 5 seconds per recipient?

      Of course, this might cause problems for mailing lists...
    • Every email account has a notion of a "ticket pool". A valid ticket is very expensive to create. Say, it takes 5 minutes to make one on a fast modern machine, at 100% CPU.

      ...However, if you are a spammer, and you want to send 1,000,000 emails per day

      ... you'll just use a million copies of the same ticket.
  • There was once a project called "Flying Rat" which let you block all incoming email unless it contained a small e-gold payment. It was actually deployed, I once sent "stamped" email to Lance Cottrell.

    It seems to have vanished, the most recent references I could find were a couple of years old.

    If you want to research it I recommend searching with e-gold as a keyword.
  • by badzilla (50355) <ultrak3wl AT gmail DOT com> on Saturday February 15, 2003 @04:22PM (#5310064)
    Doesn't it suck to be Microsoft; you come up with some at least half-sensible idea, something that under normal circumstances people would debate the pros and cons. But everyone so little trusts them that the natural reflex response is "noooo!"

    Microsoft: "Hey what if we abolished spam?"

    "Screw you! An obvious attempt to embrace and extend!"
  • Wether or not I have actually paid for anything they have ever made (which is also debatable if they made it or just stole it), it looks like this will be the "one" that gets all 50 million hotmail users to "pay" in some form for using free e-mail (hotmail. MSN) for the past several years. NOT GONNA HAPPEN PEOPLE!
  • by Xeth (614132) on Saturday February 15, 2003 @04:45PM (#5310172) Journal
    We're considering several currencies for payment: CPU cycles, memory cycles...

    So, Microsoft is just considering writing an extra inefficient mail protocol?

  • they would tell us. Sure, they would spin it to make it seem like they are improving email (at a price of course), but they would tell us. After all, they would have to roll out this system at some point, and they can't do that without informing the public. After all, no matter what currency they are charging you in, legally, they have to warn you in advance.
  • Pretty much all of those ideas have been discussed for many years; spam and unwanted E-mail are not something that just started in the 21st century. For example:
    • "Turing tests" (more accurately, reverse Turing tests, since it's a person, not a machine, required to prove that he is human) have been used for a long time to guard against spam; for example, comments like "Send mail to foo at bar-snip.com; snip off the snip to reach me." are reverse Turing tests because they are beyond the abilities of current natural language understanding systems.
    • Being able to charge for E-mails also was one of the first proposals for digital cash, but it never materialized (note that one of the researchers was involved in that before joining MS Research).
    • CPU-based schemes have generally faltered because you don't want to make it impossible for people to send you mail because they happen to be on a Palm right now.

    I hope Microsoft doesn't add injury to insult by patenting this stuff.

  • You can play around with HashCash [cypherspace.org]. I think many free MUAs support it (including Gnus).

Always think of something new; this helps you forget your last rotten idea. -- Seth Frankel

Working...