Outline of solution to spam problem by Vadim Makarov Published in June 2004 Abstract, sort of. The proposed idea of a postage-based email solution differs from other solutions in that postage is charged only for those emails which are considered unwelcome by the addressee.

[ Update August 2006: Well, the world is not exactly falling over. Spam is kept under control by technical measures (statistical filtering, realtime blocklists) and continuous investment of time from both system administrators and users to keep their setups updated. However, due to false positives and other technical mishaps caused by aggressive spam protection now employed by everybody, email communication has become much less reliable than it could be (in an ideal world :). ]

Free email is dead. Well, almost dead.

The overwhelming trouble in separating good email from spam which is experienced now (as of June 2004) by the most unfortunate of the people who has actively used the same email address for a few years, will soon be everyone's trouble. Personally, I don't think I will be able to cope with spam problem on my email account in one to two years from now.

The only viable solution, in my opinion, is to introduce postage for every email sent.

In other words, let's put money where they belong: to work for us.

There are certain misconceptions and fears about the idea of postage-based email. I'll try to address them below.

No it does not have to cost you anything to send email. The postage is placed into an escrow account. If the recipient opens your email and does not mark it as spam, the postage is returned to you (it's also returned if your email is not opened for, say, two months).

No it does not need to break SMTP protocol. I'm not sure about the details, but it can probably work like this: diring the delivery part of the protocol, the server responds with a new error code "Postage required $0.nn.nn". If the sender is set up to pay the postage, it obtains a token from the central escrow service (required postage is subtracted from sender's pre-paid credit and placed into the escrow) and passes the token to the recipient, followed by the message. If the sender is not set up to pay (e.g. uses old SMTP), he just gets a bunce that shows the error message. This allows graceful migrating and co-existence of postage-based and free email in the future.

No it does not break mailing lists. For small- and medium-sized lists, the list owner will be able to pay the small expenses resulting from users occasionally marking mailing list messages as spam (naturally it's a good idea to treat such marking as unsubscription requests). For high-volume mailing lists and services that send a lot of email, the list can require a pass code from the user at the time of subscription that allows to send messages to the user for free (the pass code is unique to every subscription and is of course revocable by the user). Pass codes can also be given by the user to selected correspondents if he feels like so.

No it does not need to invade privacy and liquidate anonymity. First, those email accounts who are willing to receive email without a fee, can just continue to use today's SMTP (see above). Second, there will surely be places like internet-cafés where you can pay by cash and have a number of outgoing email messages included with your time, or fill an anonymous account at the escrow authority with credit for later use. Your identity is not required, only a small payment from you.

No it will not cost you more than you are paying for email today. Do I need to explain this one? You and I already pay for spam with our time, with lost and unreliable communication; we also often pay for bandwidth, storage, CPU time and support resources used to filter email. It is cheaper to have clean, reliable postage-based email. If you disagree, that's fine: just communicate by free email with those who would still feel like it (see above on SMTP backward compatibility and pass codes).

 
Now of course there is a question on establishing the global escrow authority and implementing all this stuff. I don't think having a central authority is such a problem in itself: internet is already relying its operation on the authorities (DNS) that involve payments and are central, and somehow we get along reasonably well with it. On the technical side, I feel the plan outlined above is doable, too.

Both the technical and administrative stuff CAN BE DONE.

Financially, it may well turn out that the whole operation is paid for by the normal process of some email marked as spam (as an expression of unwillingness to communicate, unsubscription from small mailing lists, etc.).

Now, I'm not volunteering to implement it all myself :). I just want my inbox back please, thanks. You do it — everybody uses it. Here is a million dollar idea. Take it!

Who gets the postage?

• If the recipient reports your message as spam, you are notified and the postage for your message is not returned. In such case, the postage cannot be paid to the recipient, either: if it did, a scam would be possible that tricks you into sending a message then reports it as spam and collects the postage. The postage collected from messages marked as spam can pay for the operation of the central authority. If there's a surplus it can be divided and distributed equally to all the user accounts, or perhaps not equally but proportional to the account utilization. (Other possibilities: surplus returned to sender's country govermnent, funds some global program, etc.)

• "Hijacked/infected computers will be used to send all spam (at the expense of their owners)." Well, it's hard to say whether this will be a significant obstacle or not. I guess it depends in the implementation, price per message, and also on many factors that could not be estimated in advance. The average price per message matters the most: if it gets large enough, more and more people will care about the security of their accounts. Anyway, those who pay would be mostly users with poorly secured systems or users who allow themselves to be fooled, and their money go to the maintenance of the service for everybody... don't you think it's just?

• It seems, nobody likes the idea of central authority. People say it's "a government type solution", "another way for vested interests to take money out of the pockets of the little guy", etc. Well, how about multiple, competing authorities? Your email server can accept tokens signed by several authorities. The user chooses which authority he uses. It may or may not go the way of credit cards and certificates markets (i.e. only two major players: Visa — MasterCard in the credit cards market, and VeriSign — Thawte in the certificates market before 1999). There can nevertheless be some level of competition and choice in the email postage escrow market.

See also: spam used to be entertaining. No more.

...One problem you mentioned is hijacked accounts. I believe the solution is pre-paid postage accounts.

You or I would probably need $10 in our accounts. We're never going to send spam, a few people will charge us just to be pains, but that $10 will last us a couple years.

If one of our computers got hijacked, we'd be out $10. Non-sufficient funds would stop the attack.

So, we got lax and let our security get weak, and it cost us $10. Maybe next time we'll pay more attention.

-- Bill McGonigle (bill@bfccomputing.com), June 17, 2004

"Standard assessment" of this idea by a Slashdot frequenter (with a nice give-and-take at the end).

-- December 13, 2004