ISPs Starting To Charge for 'Guaranteed' Email Delivery

Presto Vivace writes "Under the guise of fighting spam, five of the largest Internet service providers in the U.S. plan to start charging businesses for guaranteed delivery of their e-mails. In other words, with regular service we may or may not deliver your email. If you want it delivered, you will have to pay deluxe. 'According to Goodmail, seven U.S. ISPs now use CertifedEmail, accounting for 60 percent of the U.S. population. Goodmail--which takes up to 50 percent of the revenue generated by the plan--will for now approve only mail sent by companies and organizations that have been operational for a year or more. Ordinary users can still apply to be white-listed by individual ISPs, which effectively provides the same trusted status.'"

finally

[goathens]

while charging for email would suck, i think it is one of the few ways that would actually stop spam: making it too expensive to send a lot of email.

of course, having not RTFA, i wouldn't say how well this would work for non-US countries being certified... this could turn out to be more like the current net neutrality issue (pay the isps money or your traffic/email won't go in the "good pipes"/"certified")

Breach of contract

[KiloByte]

Well, assuming an user pays for the e-mail account, isn't this a breach of contract and false advertising? By "providing an e-mail account", it can be assumed no real mail is ever meant to be knowingly dropped.

Declaring those who haven't paid the protection racket as not "real mail" is not really something that I would envision as something which would pass a non-bribed judge.

Not that I like spam but....

[ralphart]

This is pretty freaking outrageous.

If there's any way to organize and refuse to relay mail from any of these greedy self-appointed guardians, I'd certainly be interested. Blacklisting all mail out of their domains would probably be extremely educational for them.

Good for the goose...good for the gander.

recipe for disaster?

[jb.cancer]

apart from the initial shock (face it, evryone wants to plug the tube that is the internet), won't this generate more unwanted e-mail traffic? think of all the people who would now send >1 copies of each of their mails just to increase the chances of delivery.

of course it's all assuming that the real intention is not 'end-of-free-emails'(which cud be quite naive)

Re:Fighting spam?

[nacturation]

How does it fight spam if the spammer can ask to be whitelisted, or if the spammer can pose as or actually be a business operating for more than a year? Lame.

You combine it with other techniques, such as whitelisting only specific IP addresses and rejecting mail from those IPs if spam reports get too high. A business approaching Goodmail and saying "please whitelist these 500,000 zombie IP addresses" would be just a tad suspicious.
 

Re:finally

[abertoll]

Yes, but I'm not sure it's expensive enough at 1/4 cent. That kind of price sort of sounds like they're hoping the spammers use them so they can make a lot of money. Not that they're going to help prevent spam.

Re:finally

[mikelieman]

You're not getting junkmail in your reality-based mailbox, then?

This has NOTHING to do with stopping Spam.

This is all about generating revenue from Spam.

And this will help how?

[Anonymous Coward]

So the spammers who use botnets will just cause the hijacked computer's owners to pay thousands in email fees?
I can imagine the new "training" course at the grade schools:
Don't download music because you'll get sued for thousands of dollars by the RIAA and then have to pay thousands of dollars because a "virus" sent out emails from your computer!

This is extortion

[HellYeahAutomaton]

Its kind of like if the mob owned the USPS and said "You might get your mail in one piece...and you might not if you don't pay up."

Well the PROBLEM is that...

[shmlco]

The "problem" is that there are a ton of non-profits, news sites, news groups, blogs, lists, whatever-of-the-day sites, schools, churches, and other organizations that send out a lot of requested put-me-on-the-list email to their members.

Have a decent-sized list on which you're doing a daily run, and even at a quarter of a cent you're suddenly looking at thousands of dollars a month out of pocket.

So now all of those sites and services and lists either: A) Stop sending email and/or go out of business, or B) Start charging for the stuff you used to get for free.

Is it so hard for people to figure this stuff out? Apply a cost somewhere and--one way or another--you're going to pay it.

Re:finally

[tacocat]

Give this man a cigar.

Not only will it generate revenue for delivering spam, but it will also mean the end of non-cost based mail delivery. Think mailing lists and personal domain servers.

Scam

[Anonymous Coward]

This is like privatized jail system in the USA. The moment it was set up, the number of people sent into jail has started to grow steadily, since there is direct financial interest to "maximize" profit on investment.

If you need to pay fee to get your email for sure, the same companies can make sure that the emails of non paying people will get lost.

Re:Well

[tacocat]

But who do you think it going to pay that cost?

I'm on a lot of mailing lists. So 300 emails a day works out to 75 cents US. Which adds up to $273 a year that I have to pay. If you look at it from the point of view of the mailing lists, they might have 10,000 users which means every email costs them $25US. For someone like Debian this is death. For someone like Microsoft -- They'll just add $25 to their product prices.

When the F... are you going to realize that pay per use is not a means to being effective for anything. It's a means of generating money. It doesn't save you money and it doesn't get you any more freedom, happiness, or flexability

Re:Fighting spam?

[tacocat]

If he tags what you sent as confirmation to his request, what do you think the chances are that they will also tag your newsletter?

A lot of AOL users tag messages as SPAM when they don't want to see them anymore. It's easier than opting-out and so they abuse the process. They have no repercussions to their actions.

But a lot of users do this. I see it in my house where I run my own mail server and my own spam filter. It's a bayesian filter so you have to tell it when it was wrong. Wife won't tell it anything but she complains about the spam she's getting. Can't help her. She's being obstinant and dumb.

Dubious statistic

[asuffield]

According to Goodmail, seven U.S. ISPs now use CertifedEmail, accounting for 60 percent of the U.S. population.

This is probably true as stated, but almost meaningless. Each of those ISPs will be counting the number of users that have email accounts with them, and then they just added up those numbers. The problem with this is that many users have more than one email account and don't use the one provided by their ISP - a large chunk of that 60% probably uses yahoo, hotmail, or gmail. Many people will also have another account provided by their employer.

It is not particularly useful to count email accounts as a fraction of the US population.

Re:Yeah, that works

[maxume]

I get 3 or 4 mailers a week(probably partly because I live on a rather underpopulated route) and at least 3 or 4 spams an hour(that are almost universally filtered). I wouldn't care if I got 3 or 4 spams a week, filtering or no.

Pity the fool

[stabiesoft]

who is paying for this service and gets infected. Ouch, what a bill that will be, and
all guaranteed to be delivered. New bot target:Certified senders!

Re:Infrastructure problem

[guruevi]

That's a good thing, then the TCO of Windows would be even higher! Also, all dumb users on the Internet would be bankrupted and not able to afford a fast internet line, more bandwidth for us, less crap on the web.

a bad figure if I've ever heard one

[briancnorton]

accounting for 60 percent of the U.S. population

This is making a REALLY bad assumption that an ISP generated email address is used by the account holder. Problem is, once there became multiple ways to get online about 10 years ago, LOTS of people switched to web-mail for the permanence and convenience. (Hotmail, Gmail, yahoo, etc) I would guess that any major ISP has less than half of their accounts use their provided email services.

Net Neutrality

[SanityInAnarchy]

I'm thinking I should bookmark this and use it as an example to anyone who claims ISPs won't attempt to charge websites for "prioritized" delivery, and degrade people who don't pay up.

In short: They already have.

Of course, I don't think net neutrality legislation will cover email -- not that I care much, I really don't send mail to many people at AOL -- but it's just a perfect example to all the Libertarian idiots out there of why we do need government intervention sometimes.

The free market will sort it out? Sure...

Re:Fighting spam?

[PopeRatzo]

A lot of AOL users tag messages as SPAM when they don't want to see them anymore. It's easier than opting-out and so they abuse the process. They have no repercussions to their actions.

"No repercussions"?? What kind of "repercussions" should we get for calling junk mail "spam"? Maybe have to pay a penalty? Should we lose our internet access for a few days? Why not jailtime?

I'm not an AOL user, but I only give "spamcatcher" addresses to any company I think is going to send me junk. I commonly will tag their stuff as spam when I'm tired of getting it.

Funny, I NEVER opt in to get any "special offers" but somehow, the "special offers" come anyway. If I tag them as spam, that's exactly because they are, indeed spam.

I don't trust the parent and grandparents who are so righteously complaining about how customers have all "opted in" for their junk mail. I've had way too many occasions where I've gotten junk that I've supposedly "requested", when what I really did was click a link that said nothing about me getting daily "special offers" that are just junk mail. Just because I want to pay a bill or register an application online does not mean I want to get sent advertisements. I'm betting if these jokers actually said what kind of email they're sending people, most of us would immediately recognize it as irritating spam.

I'd like a universal opt-out for all email advertisement. End of story. But this will never be offered because you know that millions of people will want to permanently block advertisement. It's the same as the famous "Do Not Call" list that stops me from getting bothersome phone spam, except that Banks, Credit Card Companies, Insurance Companies, Health Care Companies, Charities, and a hundred other categories are NOT FRIGGIN' COVERED by the "Do Not Call" list. Oh yeah, and PHONE COMPANIES, of course. Phone companies would NEVER make an irritating sales call at dinnertime, right?

If you're going to choose to try to squeeze out that extra profit by bothering people, then don't complain when you are universally loathed. And if you're in the email advertising business, then you ought to find a less ugly way to make money. Maybe breeding animals for medical experiments or something.

Now I understand why the block port 25.

[twitter]

Nice plan.

1. Keep users helpless.
2. Provide "service" for helpless user
3. Profit.

Give me back my ports and I won't have to worry about spam or your fees.

Spam Filter

[Joebert]

Where can I get an up-to-date list of theese companies, so I can add their addresses to my spam filter ?

Re:Fighting spam?

[tacocat]

I was thinking of the repercussion as something you would experience if you were using a bayesian filter.

If you tag indiscriminantly everything that you don't want delivered for any reason, they you will start getting more false positives because it's an adaptive AI process. There is a little care and feeding of the whole filtering process you have to pay attention to.

I don't believe that AOL is going to use something like this. If you tag email as spam, AOL takes it upon themselves to send you a warning email and if you don't opt them out they black list you (eventually). What would be a repercussion to the consumer is the eventual increase in false positives -- giving the consumer a repercussion to their indiscriminant feedbacks. No one is made aware that there is an effect.

And just to clarify -- I'm not talking here about the obviously unsolicited email, but the email that is solicited but no longer wanted. The consumer took a positive action to get the email and now no longer wants it. What I am definitely not talking about here is the email that you never asked for, or where opted-in by means of fine print that few can even read at light grey and 6pt font.

Re:Fighting spam?

[Anonymous Coward]

A lot of AOL users tag messages as SPAM when they don't want to see them anymore ... I see it in my house where I run my own mail server and my own spam filter.

I wonder how come you can send e-mail to AOL users at all. I run my own mail server, and for the past year or so, no amount of attempting to find the right person to talk to at AOL, compuserve or verizon.net has succeeded in getting my e-mail through to their customers (and it's always completely benign personal e-mail, not business). As far as I have been able to tell, it's because each one of them has decided that my IP address is a dial-up IP address (it isn't), and they unconditionally reject all e-mails that originate from dial-up IP addresses. Yes, I could force all my mail through the e-mail application service provider foisted on me by my ISP, but why should I be forced to do that (and thereby allow a third party to store and make use of the contents of my private e-mails for whatever purposes they want)?

Or I could pay extra to send all e-mail through some other e-mail service provider; but again, I wouldn't trust any of them not to use the contents of the e-mails somehow to commercial advantage. Good intentions and promises not to make use of the ability to use e-mails that pass through their system to advantage are all very well, but they tend to become null and void once money or government power become involved.

Re:pay me to spam me

[tomstdenis]

A penny per email isn't economical. And I already pay to send emails. It's called my ISP fees. The ISP provides IP [including TCP and UDP] service which means they have to deliver my packets to the best of their ability.

Some sort of "pay us [more] or we may drop your packets" is a protection racket of sorts. Remember that an email is no more than a TCP stream of SMTP commands.

Tom

Re:Fighting spam?

[martin-boundary]

People's interests change over time. Opt in may be valid for the very first newsletter they receive, but once users have seen an example of what the newsletter is like, they may or may not change their mind. It's unreasonable to expect that a newsletter is wanted for all future time. Also if you cram a lot of different types of information in a newsletter, the risk that some of it is unwanted will be higher.

Here are some things you can try, if you're _really_ interested in helping users choose if they want your newsletter or not.

1) Put an opt out procedure prominently in each and every one of your emails (ie first thing users see at the top).

2) Make the newsletter opt-in at the bottom of the message: By default, you stop sending the newsletter unless the user opts in at the bottom, which they usually would only look at if they've read the message. Tell them if they do nothing, they won't receive another newsletter.

3) Have a javascript popup message which lets people opt out when they click on the message to view it. (this depends on what sort of mail reading software they use, so it's not a great universal solution, but it does target the kind of clueless people who don't know much about email).

The trick is to make the opt out easier than marking the message as spam for most ordinary people.

You're checking the wrong boxes

[billstewart]

Yes, it's market-based. That does mean that most spammers won't be willing to pay for it. But some legitimate email senders (and a smaller number of well-targeted spammers) will find it worthwhile to pay to get mail through big ISP blacklists - anybody who's running a legitimate mailing-list service or doing things like product registration spends a lot of time bitching about AOL.

There isn't a central authority controlling email - but they've got the ISPs that are over 50% of the US mailbox market. (Microsoft MSN isn't one of them, though :-) And these countermeasures _do_ work if phased in gradually; otherwise they wouldn't be able to make a profit (not that we know yet if they'll make a profit or if they'll die out in a year.) It doesn't require cooperation from everybody at once - they've got enough mailbox ISPs signed up that it's at least potentially worthwhile for an email sender to pay them for the service. And they're not trying to solve the *whole* spammer problem - they're trying to get some non-spammers to pay them for delivering non-spam, which is a difficult but much simpler problem. It's not a "find the spammer to make him pay" system - it's a "pay up front to claim you're not a spammer" system.

Joe-jobs, Forgery, Worms and Zombies, etc. - The press releases don't say *how* they handle their certification other than to mention cryptography. But their board of technical advisors is interesting - Marty Hellmann, Avi Rubin, Dave Crocker - so there's a good chance they've done it right. Cryptography does take a fair amount of horsepower, but it's scalable dumb horsepower, and if they've done things well they can avoid having to verify the crypto on most forged messages. If they've designed things well, it's not incompatible with open-source tools, but they're writing Press Releases, not technical documentation, so it's hard to tell.

Asshats, and trusting Goodmail's servers - yes, that's still a problem. Their terms of service are appallingly weak - they'll accept unconfirmed opt-ins, and their "interpret complaint as unsubscribe" is inadequate, so dishonest spammers can still pay to get service delivered for a while, until they get enough complaints. But at least the quarter-cent per message means that only well-targeted spammers will be willing to pay for it, so it won't be really high volumes of spam. If there's much of that going on, then email users won't stand for it, and they'll bitch at their ISPs (though that's more effective with AOL who charges money than with Yahoo who's giving you that email account for free anyway...)

And yes, email should be free, and whitelists suck, but blacklists also suck and some email senders may be willing to pay to deal with whitelists that suck instead of getting stuck on blacklists that suck.

Re:Fighting spam?

[MightyYar]

You aren't the typical AOL user... Put up a real estate related site with a sign-up form... watch the contact info fly in. I don't know what it is about that demographic, but they sign up for EVERYTHING. Of course, that doesn't stop them from using the SPAM button as "unsubscribe". I'm not going to complain, though, because you'd be nuts to click on an "unsubscribe" link for something that you don't remember signing up for.

Thats a nice email

[Mantrid42]

That sure is a nice email you've got there. It'd be a shame if anything happened to it, eh?

That model is available - feel free to use it :-)

[billstewart]

A lot of the discussion about market-economics solutions to spam proposed models like that. [insert standard checklist here :-)] Some of them get it wrong and have arbitrary prices for delivery that get paid to the wrong people, so they're not likely to work economically, while others of them realize that the real cost of spam isn't the bandwidth, CPU, or storage costs, it's the recipient's attention wasted reading the junk, so they propose ways to let the sender pay the recipient for reading the mail. Some of them use artificial payments like hashcash (where the sender has to burn CPU time, and therefore can't send spam very fast), while others use real cash, typically with some kind of stamps paid for with Paypal.

In one sense, that's absolutely the right model for reducing spam - you don't care how much spam there is in the world, you just care how much of it gets into your inbox, and if some Nigerian princess is willing to pay your price for consulting service for reading your mail, your mailbox has negotiated an appropriate price with her and waited for the Paypal to clear so you really don't mind spending two seconds of attention span to junk her message.

In reality, enough of the email that most people receive is something that they do want and therefore whitelist or perhaps even pay for, so you can't enforce this mechanism on all your email, so the spammer arms race would focus on how to impersonate email sources you *did* want to hear from, and you'd use crypto to keep them out, and the financial or technical transaction costs would be annoying enough that there would be useful email that you're not going to receive because the senders didn't want to bother haggling with your robosecretary about it.

So it's not implemented very often, and it may be hard to find off-the-shelf implementations, but if you're a corporate executive, you can always hire a secretary who will not only get rid of the junk, but prioritize the non-junk mail for you.

And of course, while this sort of thing is annoying enough that most people won't bother sending you mail if you're using it, if spam becomes sufficiently annoying that many people do adopt it anyway, you'll start seeing lots of advertisements for mail systems that pay you to read email! Right there at home on your couch! ...5 PROFIT!!

Re:Fighting spam?

[tacocat]

Ten years ago I would agree. But now I don't.

The confirmation of an email address isn't valuable anymore. It's too easy to get real addresses en masse without anyone confirming the address. There once was a time when people would pay big money for lists of confirmed email addresses as a list for spamming. I don't know that there is much value in this anymore.

The process of sending spam is basically Fire and Forget so there's no added value to having a confirmation to the address. I have many records where people try to send email to random names or even characters on my domain and none of them could have ever been confirmed. And they keep coming. Add to that the back-scatter spam and you've no need for addresses being confirmed.

Go ahead, confirm your address. The spammers already have it and they don't really care if it's confirmed or not. They'll keep using it for months to come. And at least it gives the legitimate mailings a chance to play honest and opt you out without getting punched in the nose.

For legitimate purposes, if the sender provides and opt-out mechanism then it's the consumers responsiblity to use it and the marketers responsibility to honor it without qualification. But if you don't provide this mechanism then you should be labelled spam and prosecuted.

Re:Fighting spam?

[Sparr0]

AOL email addresses aren't allowed to be used in our monthly drawing for a free product(meal) ... the newsletter we send out also gets tagged as SPAM

So you get people to sign up for a drawing, and start sending them a newsletter? Hello spam.