ietf-asrg
[Top] [All Lists]

Re: [Asrg] Economic model is borken. (sic.) Let's fix it

2003-03-06 23:22:43
My general reaction to this discussion is great idea, right people, wrong
medium. The volume of email in this discussion is simply overwhelming, and I
am unable to participate. Even in digest form there would be far too much
raw data to read within my available time. The anti-spam topic is simply TOO
hot for an open mailing list.

Trace the logical chain. MILLIONS of people hate email spam. If only a tiny
percentage wind up participating here... Well, there are already hundreds of
messages per day. Actually an obvious consequence of the harm the spammers
do.

In parting, I am going to emphasize the crucial point, and offer a few more
reactions to the comments on this particular tiny part of the discussion.
I'm not attempting to belittle any of the other parts of the discussion, but
they are too wide ranging and voluminous for me to deal with them, and I
still think the economic model is the fundamental problem and it MUST be
addressed or the problem will NEVER be solved. Perhaps it can't be?
Nevertheless, the critical point:

There is NO free lunch. Email is NOT a free lunch and cannot be a free
lunch. Any free lunch economic model is DOOMED.

After posting this message, I'll be unsubscribing from this very interesting
mailing list. I hope anyone responding to my comments will be kind enough to
send me a courtesy copy via email (and I apologize for not finding and
taking the time to do so with each of the replies to my earlier messages,
but that would make the volume problem worse, and in addition our
circumstances are reversed--I think y'all are continuing to read this
mailing list, while I am not). I would also appreciate a pointer/URL to any
final report or digestive Web site, though I rather despair of finding any
consensus opinions or universal countermeasures--except that there is
already a perfect consensus that we ALL hate spam email.

Replies:

---------------------------------------------------------------------

Keith Moore wrote:
The last part is just plain wrong. Different messages do have
different values, including different economic values. Legitimate
businesses also want to advertise, and they want to spend their
advertising money effectively.

There is no such thing as a business that has a legitimate right to
spam. IBM has no more right to spam me than the guy selling *****
enlargement devices, and I don't care how much either one is willing
to spend to do so.  And any financial barrier that would be
sufficient to deter IBM from spamming me is going to be more than
enough to keep a friend of mine (perhaps one I don't know yet) from
sending me mail.  And a barrier that keeps me from receiving such mail
is a lost opportunity for which money won't compensate.

( Taking IBM as an arbitrary example,) IBM is a legitimate company, and they
do NOT spam now, even though there is currently NO economic barrier to doing
so. Your comment is specious.

Legitimate companies often use some email as one of the channels of
communication with their customers, under the full control of the customers.
They do not transmit any personal information to other companies, and they
do not send any email to anyone who has said not to send it. The default
case is that their email is limited to replying to YOUR email.

[P.S. Obviously I do not speak in any way for IBM, though I do work for a
subsidiary of a subsidiary.]

<snip>
The real cost is in distraction.  It's hard to have a useful
discussion if you keep getting interrupted, even if they pay you to
do so.  And no, my attention is not for sale, at least not that way.
Life is too short.

You mostly make my point. Unless you can outlaw ALL advertising, someone is
going to seek your attention. Would it not be better to control at least the
email part of it up front, and tell them exactly how much it will cost them
to get a slice of your attention? Of course, you could just take their money
and toss their email, but legitimate companies will (of course) respond by
redirecting their advertising budgets into more effective channels.

So what's wrong with that? These are LEGITIMATE businesses selling
real products to real customers.

NO. They're spammers.  They deserve the same punishment as any other
spammers (perhaps worse - there's nothing so arrogant as someone who
thinks that money gives them the right to disturb you.)

Repeating a specious point does not make it valid. Or do you wish to develop
an argument somehow equating "arrogance" with "operating a legitimate
business"? If so, the world seems to be VERY full of arrogance.

-----------------------------------------------------------

Mr. Eric S. Johansson in his message covered many points that I agree with.
He did raise a new point about combining white lists with prepaid email in
the context of allowing mailing list email to be delivered for free. I think
this is not a good combination for the following reasons:

1. The email is still not free.
2. Spammers will try to impersonate valid addresses.
3. Spammers will try to spam from inside of mailing lists.
4. Spammers will try endless new variations to try to exploit any "free"
system. Numbers 2 and 3 were just the first to come to my mind, but let's
just call it "spammer mentality disease" and stop trying to list all the
limitless possibilities.

I think the better solution would be to use a specific free email address
for each mailing list you use. If that free email address is spamified, you
would get a fresh one, abandon the spammed one, and rejoin the mailing list
with the new email address. Alternately, some mailing lists might WANT to
require postage as a barrier to excessive participation.

--------------------------------------------------

Brad Templeton wrote:
On Wed, Mar 05, 2003 at 11:47:33AM -0500, Eric S. Johansson wrote: <snip>
So effectively it is a precondition that people are bouncing
(postage-due) your mail.   And some people would be willing to do
that, but I'm not.

The reason is, that if I sent you a mail where I thought I was doing
you a favour with the mail (and this is true in much of the mail I
send to strangers, and I got back a note that said:

I will not read your mail until you:
a) Get some new software for your MUA or a whole new MUA
b) Mail me the magic token from that software
c) (with real money) pay money to get that token

Well, my answer would be to say screw you.  I try to send you
a message as a courtesy to you, or just to reply to a message you
posted to a mailing list, and I get back a demand like this?  I am
going to leave it in the dust.

Gee, your "courtesy" defense sounds exactly like what the spammers say in
defense of their actions, and I actually (and desperately) WANT the spammers
to say "screw you" and drop my email address. However, just because I want
it desperately doesn't mean the spammers will cooperate.
<snip>

Now, stamps -- if they could be deployed everywhere by fiat -- do in
fact have that attribute.  That's why I was one of their earliest
advocates in the unix community.  The problem remains in the
deployment.

Actually, the charges are already deployed everywhere, no fiat required. The
fundamental problem is that they are hidden. The deployment of postage paid
email can be purely elective, and if you really have something important to
say to me, then you'll be willing to risk your five cents to say it. If your
message is worth nothing to you, why should you insist that it is worth
something to me? Oh, I forgot. You think you are doing me a favor. But
that's what ALL the spammers say.

I actually think the postage should be done with several tiers, all
controlled by the recipient of the email. One tier would be a minimum
postage rate, but still not free. This tier would be bound to a white list,
but it would still be unattractive to mindless mass spammers, even if the
minimum postage rate was 5 cents. The presence of real money requiring a
real identity would effectively prevent the spammers from using hit-and-run
tactics.

Another tier would be much higher, and intended for the use of legitimate
advertisers, as mediated by the email service providers. Essentially, you
would control how much of your information could be used in marketing email
access to you. If you trust the email service provider enough, you could
provide more personal information, and they would not need to reveal
anything personal about you, though the value of the access could go WAY up.
The user should have FULL control, for example to say "absolutely no
insurance ads" or "maximize my email advertising revenue" or "$10 for any
car advertisement but $5 for Toyota ads" or any combination. Of course, no
ads at all would also be an option.

As a concrete example, you might want to find a new apartment in a
particular area, and in that case you might well be willing to allow
realtors in that area to send you email at a fairly low rate--and they would
probably be eager to do so, while your email service provider would be
assuring them that you don't do this every week just to get the money. The
initial transaction can be handled securely and confidentially on both
sides--they don't need to know who you are unless you decide they have an
apartment you want to see.

   f) I'm not sure I understand the virus problem.  I'll take a look
   at your paper and see if it gives a better explanation.

This applies only if real money is involved.  Any system which allows
your computer to spend a small amount of money (like 50 cents) in
an irrepudiable way without getting your consent is a prime target
for a virus writer, who would get millions of such stamps mailed to
his throwaway account in the caymans.

You can fix this if the stamps are repudiable, but you need to stop
the spammers from repudiating theirs.

Ah, now I see what you are thinking of, but I disagree that this is a new
problem or that it is difficult to solve. However, this is not a spam
problem per se, but this is part of the general problem of real commerce on
the Web. Therefore I'm going to word the response in terms of "scammer" and
"scam" rather than "spammer" and "spam". That they are so often the same
people is not directly relevant...

If the encryption remains secure and a scammer cannot counterfeit new
postage, there are two basic scenarios here, server-side and client-side
postage. If the postage is held on the server until it is used, then this
reduces to the current situation, for example with credit cards. The
security of the server is the responsibility of the company running the
server, and that includes preventing anyone from impersonating legitimate
customers. As with credit cards, the customers are guaranteed against
liability if that company allows a security attack to succeed.

The other option is that the postage is transferred to the user. For
example, the company issuing the postage could create encrypted postage as
text lines that the sender can paste into the email using any existing email
program. In that case, there is a theoretical risk, but I think the real
probability is just too small to worry about. The scammer would have to hack
into and gain control of a large number of computers, each of which only has
a small amount of postage. To prepare for the timely execution of the scam
would require leaving trojans on a large number of systems, which would
surely lead to detection. Alternately, if the scammer copied the postage to
his own system for the delayed attack, then he would still be detected
because much of the postage would have become invalid, so his scam would
trigger a very large number of alarms as he tried to send the messages.

In both cases, there is a money laundering operation for the authorities to
target for prosecution. Also clarifying the situation is the fact that there
is no question but that this is all illegal. The police are mostly well
prepared to deal with crime, even such white collar crime.

However, on balance I think it would be best to use a server-side solution,
so that when postage was actually required you would have to be logged into
a secure session and approve the use of the postage. For convenience, it
might be best to remain in the secure session all the time you are handling
your email, though the free and open competition will determine the best
systems. For example, another implementation might handle the postage in the
background of a regular POP client, but send you a confirmation email when
postage was required. Clicking on that link could then pop up a secure
window for your postage password (as required for the still spooled
message).

--------------------------------------------------------

Kee Hinckley wrote:
At 5:29 PM -0800 3/5/03, Hallam-Baker, Phillip wrote:
there. He wrote a challenge/response authentication callback
loop back in 1992 for the COMLINK mailer that we used to
publish the Clinton/Gore '92 (and the other candidates who made
it available) campaign literature on the Internet.

The other problem with challenge/response systems is that there's a
missing link in the interface.

I go to a web site and purchase something.  They send me an email
receipt.  How exactly are they going to automatically get through my
challenge response?  And don't say "you should have whitelisted
them."  J. Random User is not going to do it unless it's as simple as
hitting a single button.  Not to mention the question of "whitelist
what?"  Their sales address?  Their support address?  Their domain?
And using what authentication system?

I'm having a bit of trouble understanding this objection. Why shouldn't they
pay the cost of delivering the receipt as part of their cost of doing
business? Still much cheaper than a snail mail confirmation, but the smart
companies will probably try to bundle the entire thing into some kind of
deal to link their customers more closely to the company. For example,
they'd give you a block of postage as a "benefit" of buying from them, and
receive postage from that company on the other side of the coin. It would be
subject to abuse except that all the other companies could (and probably
will) do it, too.

---------------------------------------

Nate W wrote:
On Wed, 5 Mar 2003, Hallam-Baker, Phillip wrote:

I don't think that the response loop idea is acceptable as a general
solution. In my view it should only be used as a last resort if
a mailer has exhausted every other means of authenticating the
sender. That means SSL, S/MIME and PGP. Nobody should be using
intrusive means of authentication when there are non-intrusive
options available.

How intrusive is it for a person to expect all correspondents to use
S/MIME or PGP authentication?  Most of the people I correspond with
don't even know what those are, let alone know how to use them.

My inbox is presently guarded by an autoresponder that sends and
receives return-address confirmation requests via SMTP.  One might
say that, in effect, I consent to receive email from people who use
(and monitor) the "From" address that they use.  While not
technically elegant, this method is widely implemented and pretty
well understood.

I'd love to replace it with something less intrusive, but I don't
think it's really my decision.  Rather, the decision lies in the
hands of all the people with whom I correspond.
<snip>

Though this system has the advantage of relative transparency, it is not
very efficient, as you mentioned in the part I snipped for brevity. Even for
legitimate messages, you require three email messages to deliver the first
one. The efficiency isn't too bad if you then add that legitimate sender to
a white list. (You focused on the tripling of the spam messages by the
autoresponse and bounce.) Though I'm not using such a system now, maybe I
should...

However, it is still subject to address pairing abuses. In one form, the
spammer manages to link your email address to another address that is on
your white list, and then sends you email that claims to be from that
address. A more insidious form would involve using a macro virus that sends
his spam through one of your white-listed friends who just clicked on the
wrong attachment.

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>