Responses to the craphound.com/spamsolutions.txt list
Your post advocates a
(x) technical ( ) legislative ( ) market-based ( ) vigilante
approach to fighting spam. Your idea will not work. Here is why it won’t work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
(x) It will stop spam for two weeks and then we’ll be stuck with it
(x) Users of email will not put up with it
(x) Microsoft will not put up with it
(x) The police will not put up with it
(x) Requires too much cooperation from spammers
(x) Requires immediate total cooperation from everybody at once
(x) Many email users cannot afford to lose business or alienate potential employers
Specifically, your plan fails to account for
(x) Lack of centrally controlling authority for email
(x) Open relays in foreign countries
(x) Unpopularity of weird new taxes
(x) Public reluctance to accept weird new forms of money
(x) Huge existing software investment in SMTP
(x) Susceptibility of protocols other than SMTP to attack
(x) Willingness of users to install OS patches received by email
(x) Armies of worm riddled broadband-connected Windows boxes
(x) Eternal arms race involved in all filtering approaches
(x) Extreme profitability of spam
and the following philosophical objections may also apply:
(x) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
(x) Countermeasures must work if phased in gradually
Furthermore, this is what I think about you:
(x) Sorry dude, but I don’t think it would work.
I’ll address them in turn as best I can.
1) It will stop spam for two weeks and then we’ll be stuck with it
The essence of the idea is that any email sent must contain within it a public key to a bitcoin address (which I called the spek address) that hasn’t been flagged as spammy. That bitcoin address must contain a minimum amount of BTC. I suggested the equivalent of a penny. A spammer would therefore have to maintain a very large number of addresses with a penny in them.
As part of the protocol, everyone must have the private key of their own spek address (so they can make digital signatures), so it is true that once a spek address has been flagged as spammy, that money can then be moved to a new address. Possibly this represents a fatal flaw to the spek idea. I think it depends on the level of fees that the miners charge. Currently (in my experience – I may be wrong) there seems to be a minimum fee of 0.0001 BTC, which at the current USD rate is around 5c (it’s a little silly quoting this in a blog because it’s bound to change massively in one direction or the other).
So the question becomes how many emails would get through from one spek address before it was flagged as spam and a new spek address required. If that was 100 then the spammer would be paying 5c for every hundred emails sent. If that is insufficient to make it economically non-viable, then the spek idea won’t work.
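The trade-off in answer 1 can be worked through as a small model. This is an added example, not part of the original post: the fee and deposit are the post's figures, while the revenue-per-email value in the demo, all function names, and the rule of one miner fee per flagged address are assumptions made for illustration.

```python
from fractions import Fraction
from math import ceil

# Figures quoted in the post (the author notes they will drift).
MINER_FEE_USD = Fraction(5, 100)  # minimum fee of 0.0001 BTC, "around 5c"
DEPOSIT_USD = Fraction(1, 100)    # minimum spek balance, "a penny"


def campaign_cost(n_emails, emails_before_flag, fee=MINER_FEE_USD):
    """Fees a sender pays to deliver n_emails when every spek address is
    flagged after emails_before_flag messages and the balance is then moved.
    Assumption: exactly one miner fee per flagged address."""
    addresses = ceil(Fraction(n_emails, emails_before_flag))
    fees = addresses * fee
    return {"addresses": addresses,
            "fees_usd": fees,
            "fee_per_email_usd": fees / n_emails}


def is_profitable(revenue_per_email, emails_before_flag, fee=MINER_FEE_USD):
    """True if one address earns more than it costs to replace."""
    return revenue_per_email * emails_before_flag > fee


def required_flag_threshold(revenue_per_email, fee=MINER_FEE_USD):
    """Largest emails-before-flag count at which spam is NOT profitable,
    i.e. how quickly flagging has to happen for the fee to deter."""
    return fee // revenue_per_email


if __name__ == "__main__":
    # Constructed value: expected revenue of 1/100 of a cent per email.
    revenue = Fraction(1, 10_000)
    print("flag within", required_flag_threshold(revenue), "emails per address")
    for k in (10, 100, 1_000, 10_000):
        cost = campaign_cost(1_000_000, k)
        print(f"k={k:>6}  addresses={cost['addresses']:>7}  "
              f"fees=${float(cost['fees_usd']):>9.2f}  "
              f"profitable={is_profitable(revenue, k)}")
```

A sender who is never flagged pays no rotation fees in this model and only keeps the penny deposit locked up, which is the asymmetry the idea relies on.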
2) Users of email will not put up with it
This is certainly possible. However my thought on the matter is that email providers would handle this seamlessly so the user need have very little involvement.
3) Microsoft will not put up with it
I think “Google would not put up with it” might fit better here. In any case, I can’t answer for whether they’d put up with it or not. Obviously I think they would, but that doesn’t constitute an argument on my part.
4) The police will not put up with it
Don’t think this is relevant. Though both Sting and Stewart Copeland have privately indicated they think it’s a great idea.
5) Requires too much cooperation from spammers
Again, I don’t think this is relevant. They wouldn’t have a choice.
6) Requires immediate total cooperation from everybody at once
This is a good argument. My view on it is that this is something that could be phased in gradually. One possibility would be for people to mention the fact that they’re using spek in their email signatures, to get some viral spread of the idea. “I use spek to get rid of spam and phishing. You should too!”, or something.
In the early days of its usage, one would be wise to accept emails that didn’t follow the protocol. Only as general acceptance arose (if it did) would one then switch to rejecting emails that didn’t conform, and then probably with some sort of workaround for genuine senders who hadn’t adopted the protocol for whatever reason.
I think this area requires further thought – but only after it’s been agreed that the protocol itself would actually work.
7) Many email users cannot afford to lose business or alienate potential employers
This is similar to the previous point, and I think the same responses apply.
8) Lack of centrally controlling authority for email
Don’t think this is relevant. It’s a protocol that individuals could choose to adopt if they wanted.
9) Open relays in foreign countries
Don’t think this is relevant. Please expand if you disagree.
10) Unpopularity of weird new taxes
I think all new taxes are unpopular, not just the weird ones. I don’t think this classifies as a tax. The money in the spek address belongs to the user, who retains its private key.
11) Public reluctance to accept weird new forms of money
Can’t argue against this.
12) Huge existing software investment in SMTP
Unless I’m missing something, this is not relevant. We’re talking about including some extra data inside email messages. The email protocol being used is surely not relevant?
13) Susceptibility of protocols other than SMTP to attack
I don’t know enough about email protocol to answer this. Perhaps somebody else could chip in. I have to say it sounds irrelevant.
14) Willingness of users to install OS patches received by email
Not relevant. There are no OS patches to install.
15) Armies of worm riddled broadband-connected Windows boxes
Again not relevant, true though it may be as an observation.
16) Eternal arms race involved in all filtering approaches
Nothing’s being filtered.
17) Extreme profitability of spam
See answer 1). This could definitely kill the idea. If spam is more profitable than the miners’ fees, then unless the protocol is amended, it wouldn’t work.
18) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
I thought it was quite hard to come up with! But I can’t argue against the point.
19) Countermeasures must work if phased in gradually
Can you give any concrete examples of what you mean?
20) Sorry dude, but I don’t think it would work.
You’re probably right. But it might.