[Asrg] Email Postage (was Re: FeedBack loops)

Fri Nov 14 14:04:59 PST 2008

> Such a system for charging bulk emailers could be made quite simple,
> the devil is of course in the detail.
>   
And in its implementation...
> You create a header.
>
> In that header is a cryptographically secure string which is the
> postage which was purchased from a recognized issuance party. Think,
> as an analogy, SSL certificates.
>   
I'm thinking SSL certs, yet even today, few email servers use SSL to 
protect email communications because most do not care to pay extra, and 
those that do typically use self-signed certs that keep the data 
encrypted, if not sanctioned by a CA.  Apparently CAs no longer even 
claim anything because you need to be an "extended verification" cert to 
do what a regular cert used to offer -- that they checked your ID before 
issuing you one.  Besides, an SSL cert is non-transactional unlike 
postage.  Furthermore, much spam, as has been pointed out numerous times 
before, is sent by hijacked user computers, so the original spammer is 
not actually sending the email and thus would not be paying.
> A site could choose to accept or reject such "stamped" email.
>   
And those that chose to reject would receive no email from 99.999% of 
the people out there.
> Monies collected for such postage could be divided up, I won't belabor
> this detail.
>   
Please don't, since this would be very hard.  Give an example where such 
a scheme exists outside of your proposal.  Your phone and postal mail 
examples certainly do not.
> Some rules exist to acquire such postage for non-commercial sites,
> end-users, etc., probably amounting to about free.
>   
"Some rules" eh?  We just have to agree on those rules, right?  That 
shouldn't pose any difficulties....
> Anyhow, obviously the entire idea would comprise many pages of details
> but I hope that outlines an overview of a plausible system which
> doesn't require micropayments, monopolies, or all the other straw man
> nonsense which gets thrown at the stage like rotten tomatoes when the
> idea comes up.
>   
The difficultly is nobody likes spam, but nobody wants to pay to send an 
email beyond what they already pay for Internet service.  Pay per use 
for anything trivial (like email) tends to disappear into flat 
subscriptions, which is what ISPs do now when they charge us for 
access.  And this mailing list would die if we had to pay to send.

My company offers a secure web email platform in which zero spam and 
zero viruses are sent as all users are authenticated to send and receive 
-- which by itself doesn't preclude these things, but reputation does 
when you can prove such abuse came from you and you can be turned off 
immediately from future use.  Furthermore, large files can be sent 
without size limitations imposed by many email systems.  All data is 
encrypted on disk and when in transit.  Electronic signatures can be 
applied.  Timestamps are accurate, no email headers to spoof, guaranteed 
return receipts and tracking, etc.  We have thousands of paying 
customers and hundreds of thousands of users (only senders pay -- and 
they pay subscriptions, not per use).  But this is a drop in the bucket 
compared to the massively distributed email system and its users.  Why?  
Because there are some business communications situations that really 
need our service and they are willing to pay for those benefits, but 
most people would not pay when regular email with all its warts, viruses 
and scams is free.  So while we're totally for making regular email 
expensive so our product is more universally attractive, it's just not 
likely going to happen. 

There are too many email users, too many email servers and too many 
email clients around the world to coordinate for a such a new standard.  
It would require world-wide government cooperation and mandates -- and 
if you're holding your breath for that, good luck to you.  It's not a 
technical issue.  Just because you can devise a scheme won't make it 
happen.  And if you can make it happen, do so and become filthy rich 
rather than complaining we all don't get it.  Just do it!

David