Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Yahoo Revives Pay-Per-Email, With Charitable Twist

timothy posted about 5 years ago | from the penny-post-sans-post dept.

Spam 287

holy_calamity writes "Yahoo research have started a private beta of a scheme that resurrects the idea of charging people to send email to cut spam. Centmail users pay $0.01 for each message they send, with the money going to a charity of their choice. The hope is that the feel good effect of donating to charity will reduce the perceived cost of paying for mail and encourage mass adoption, making it possible for mail filters to build in recognition of Centmail stamps."

cancel ×

287 comments

Sorry! There are no comments related to the filter you selected.

How Exactly Does This Fight Spam? (5, Interesting)

eldavojohn (898314) | about 5 years ago | (#29055295)

Subtitle of CentMail:

Do Good. Fight Spam.

So it sounds like an 'opt-in' program for doing otherwise would be suicide by a mail provider. And since it's opt-in, I highly doubt the spammers will be doing the opting. So unless your penny is going to an anti-spam organization, how are you fighting Spam?

Also, I'm not too clear on how this would work. Wouldn't it require a certificate-like central authentication server? And wouldn't this increase in traffic just exacerbate the situation of too much traffic? Especially if all Spam starts to come with fake 'stamps.'

Re:How Exactly Does This Fight Spam? (3, Interesting)

FlyingSquidStudios (1031284) | about 5 years ago | (#29055371)

It seems to me that the only way to truly insure that the receiver gets 100% spam-free mail is to intercept and sort it before it's received with humans doing the sorting. Even the most robust spam filters get overcome fairly regularly. I know I don't want anyone reading my mail but me.

Re:How Exactly Does This Fight Spam? (2, Insightful)

binarylarry (1338699) | about 5 years ago | (#29055551)

Oh right, the only foolproof way is to rely on HUMANS.

You must manage an IT dept or something, I take it?

Re:(almost) spam-free (1)

TaoPhoenix (980487) | about 5 years ago | (#29056215)

Nah. There are several strategies unused. I'd like to start by not getting any foreign email. (I did accept some French spam on humor's sake, but any other language, forget it.)

Spellcheck. 80% of spam has beautifully awful spelling.

Re:How Exactly Does This Fight Spam? (2, Informative)

drukawski (1083675) | about 5 years ago | (#29056243)

The only way to truly insure you don't get spam is to turn your computer off. There have always been con-artists in one form or another, and as long as people are generally selfishly driven there always will be.

I tried this with linux (-1, Troll)

Anonymous Coward | about 5 years ago | (#29055383)

But it didn't work. Also, I can't get drivers for anything. Is there any website that has linux drivers? I am new to this.

Re:I tried this with linux (1)

Vovk (1350125) | about 5 years ago | (#29055749)

depends on your distro and what you need drivers for. your most common stuff can probably be added as a kernel module, or is available from your distro's package manager (if you are brand new to linux and your distro DOESN'T have a package manager, then switch distros. Seriously, they are good for beginners and experts alike)

Re:How Exactly Does This Fight Spam? (5, Insightful)

betterunixthanunix (980855) | about 5 years ago | (#29055387)

The idea is that a Centmail signature attached to a message would automatically reduce the message's spam likelihood; if enough people adopt Centmail, then receivers would be increasingly able to require a Centmail signature on mail, and killfile mail that lacks such a signature.

In theory, great. In practice, I predict it spiraling out of control as different parties try to "get in on the action" and see a chance to turn a profit instead of just giving the money to charity.

Re:How Exactly Does This Fight Spam? (4, Insightful)

D'Sphitz (699604) | about 5 years ago | (#29055703)

Let them profit if they want, it sounds like a good idea to me. If I send 10 emails a day, which is probably much more than your average computer user, that's $3.00 a month. I can handle that, but a spammer who sends millions of messages a month cannot pay $10k per million messages.

It's essentially a way to guarantee to recipients of my email that it is not spam.

Also, when customers with zombiefied computers get a six figure bill from their ISP, maybe they'll spend a few bucks to get their system cleaned up and secured, which benefits everyone.

Re:How Exactly Does This Fight Spam? (3, Insightful)

betterunixthanunix (980855) | about 5 years ago | (#29055751)

Look at what happened with SSL. There are dozens of different authorities, each with different requirements, and the net result is that an SSL certificate is not the highly reliable security token that it might have been if greed had never entered the equation. This system will succumb to the same problem: everyone will want to get a piece of the action, and in the end only amateur spammers will be thwarted.

Re:How Exactly Does This Fight Spam? (1, Informative)

Chabil Ha' (875116) | about 5 years ago | (#29055805)

Except that SSL was never intended as a way of establishing identity, even though it is a feature of it. Its purpose is and always has been a means of encrypting communication. As your valid reasons indicate, anyone using it to identify is absolutely peanuts.

Re:How Exactly Does This Fight Spam? (3, Informative)

betterunixthanunix (980855) | about 5 years ago | (#29055871)

Except that part of establishing secure communications is authenticating the other end, or else you are vulnerable to a man-in-the-middle attack; that is why SSL has a certificate system. If the only intention was to have a means of encrypting communication, then there would be no reason for SSL to have such a complicated protocol that includes identification and capabilities management.

Re:How Exactly Does This Fight Spam? (1)

calmofthestorm (1344385) | about 5 years ago | (#29056227)

1) Encryption without identification is like locking your message in an unbreakable safe then handing the key to the first stranger you see along with the box and asking him to give it to your friend Bob.
2) SSL is full of TONS of complicated shit related to authentication but not encryption. Its purpose is both, or it is poorly designed. Perhaps both.

Re:How Exactly Does This Fight Spam? (1)

NotBornYesterday (1093817) | about 5 years ago | (#29056175)

I think this is a terrible idea, and it will never work. Law-abiding folks will be taxed a few more pennies, and lawbreakers will find a way around it. Even when it becomes an abject failure, you can bet that whoever is in charge if this will never kill their nice fat revenue stream by admitting that it is a pig.

If the average corporate worker sends 20 emails a day and copies 3 people on each, and works for a company that has 1,000 employees, that's 60,000 emails per day, or about $150k per year. That's the annual salary for a couple good jobs.

You yourself hit on an obvious spammer solution ... rather than send the emails directly, simply trojan a few thousand PCs and let someone else foot the bill. Do you think that ISPs are benevolent enough to forgive a $100k debt? I could very easily see someone dragged into court to collect on it, for no reason more than they weren't protected against the latest malware. It would be ironic if the end user in such a case had been relying on the AV/firewall that their ISP provided, like Comcast.

Spammers only make money if a company pays them to "advertise" their product. The reason our inboxes are filled with spam is because some company down the line (other than the spammers) makes money from it. I say we find a way to sue/fine the shit out of the companies who hire spammers. Make spam a toxic way to do business, and demand will dry up.

Re:How Exactly Does This Fight Spam? (4, Insightful)

ashtophoenix (929197) | about 5 years ago | (#29056239)

But what if your centmail account gets hacked and the hacker uses it to send millions of spam messages. If you credit card is on their file you will be down a $10,000. Of course you can feel good about donating that much to charity!

Re:How Exactly Does This Fight Spam? (3, Insightful)

causality (777677) | about 5 years ago | (#29055769)

The idea is that a Centmail signature attached to a message would automatically reduce the message's spam likelihood; if enough people adopt Centmail, then receivers would be increasingly able to require a Centmail signature on mail, and killfile mail that lacks such a signature. In theory, great. In practice, I predict it spiraling out of control as different parties try to "get in on the action" and see a chance to turn a profit instead of just giving the money to charity.

Besides, this doesn't address the ultimate cause (or depending on viewpoint, the ultimate enabler) of spam. Spam exists for one reason and one reason only: someone, somewhere is willing to buy from spammers or otherwise to give them money. Any solution which doesn't address that has entirely failed to learn why Prohibition didn't stop people from drinking or why the War on Drugs hasn't made illicit substances go away. It doesn't matter how sophisticated or underhanded the spammers are, if no one gives them money anymore they WILL go out of business. This is probably a matter of education, though it's possible that credit card companies could be part of the solution since many of these transactions could not occur without their services.

Re:How Exactly Does This Fight Spam? (0)

Anonymous Coward | about 5 years ago | (#29056109)

Didn't you learn anything from Prohibition or the War on Drugs? The biggest lesson I see is that, no matter how illegal or stupid or dangerous something may be, there will always be people who do it.

Rationing away spam as "a matter of education" (implying that we could somehow educate 100% of the internet-using population) is just as foolish as arguing that spam exists solely because email is free.

Re:How Exactly Does This Fight Spam? (5, Insightful)

Garridan (597129) | about 5 years ago | (#29056051)

Problem is this: if you blindly trust Centmail, then it'll be worth it for spammers to pay to send email. Don't believe it? Check your physical mailbox.

Re:How Exactly Does This Fight Spam? (0)

Anonymous Coward | about 5 years ago | (#29056169)

Well, getting coupons for local stores and restaurants is an improvement over receiving emails from Abu son of a late General in Nigeria and internet "pharmacies" trying to sell herbal vi@gr@.

Re:How Exactly Does This Fight Spam? (1)

nine-times (778537) | about 5 years ago | (#29056065)

In theory, great. In practice, I predict it spiraling out of control as different parties try to "get in on the action" and see a chance to turn a profit instead of just giving the money to charity.

Well to me, the bigger problem is that if everyone did adopt this (which is what would need to happen in order for it to really stop spam) and no one else was "in on the action", then we'd essentially have centralized control over email. Scary.

On the other hand, if anyone can get "in on the action" and use their own signature, then I'm not sure how paying for email helps. Spammers would just get their own signatures, and the system wouldn't be any better than if everyone signed their email.

I do think everyone signing their email is a pretty good idea, though. It would probably not solve the spam problem, but it might help. If SSL certs got moved into DNS (as some people are suggesting) then it should be easy to use authoritative (signed) DNS records which also provided you with a list of authorized mail servers for each domain, as well as SSL certs for those mail servers. That would at least allow you to verify that a given email originated from the mail server it claims to come from, and that the mail server is an authorized server for a given domain.

Now that doesn't give us too much, except it means it could make it much harder to spoof mail, which is what a lot of spammers are doing. Further, it means spammers would have to register domains to send spam, email from those domains would clearly come from those domains, and those domains could easily be blacklisted.

Does that work? Probably not. I'd be interested to know why not, if anyone is willing to explain.

Re:How Exactly Does This Fight Spam? (2, Interesting)

Culture20 (968837) | about 5 years ago | (#29056211)

I predict it spiraling out of control as different parties try to "get in on the action" and see a chance to turn a profit instead of just giving the money to charity.

Yahoo is betting on that. The steps they'll take:

  1. Charge 1 cent per email opt-in sent to charitable org
  2. Pretend 1 cent isn't enough while the real reason is that other email systems don't implement similar setup and because spammers don't opt-in. Charge 2 charitable cents per email
  3. Charge 3 charitable cents per email. Make the system opt-out.
  4. Make the system mandatory. Reduce price to 2 charitable cents per email. The people rejoice!
  5. Now that everyone's been used to paying money per email, raise price to 3 cents, but only 2 cents of the charge are donated (processing donations takes money from Yahoo).
  6. ...
  7. Collusion between Cell phone companies and ISPs on the price of SMS/email: 25 cents per each. US Postal Service goes postal and wants in on the deal.

Re:How Exactly Does This Fight Spam? (1)

gurps_npc (621217) | about 5 years ago | (#29055429)

Yes, you do need to verify that the email company that sent you the email was in fact who they claimed to be.

The spam-fighting method is to build a sufficient number of email accounts that work that way and start black-listing every email that does NOT work that way and/or is not on your contact list. Not that hard to do.

Re:How Exactly Does This Fight Spam? (3, Informative)

digitig (1056110) | about 5 years ago | (#29055969)

The spam-fighting method is to build a sufficient number of email accounts that work that way and start black-listing every email that does NOT work that way and/or is not on your contact list. Not that hard to do.

Yeah, maybe you can afford to send new customers to /dev/null, but I sure can't.

Re:How Exactly Does This Fight Spam? (2, Interesting)

mcgrew (92797) | about 5 years ago | (#29055487)

So it sounds like an 'opt-in' program for doing otherwise would be suicide by a mail provider

I read this with alarm; I have a yahoo (actuallt rocketmail) account and I use it for slashdot. If this becomes popular I can see yahoo charging for all their mail services.

Re:How Exactly Does This Fight Spam? (2, Insightful)

whisper_jeff (680366) | about 5 years ago | (#29055655)

If this becomes popular I can see yahoo charging for all their mail services.

Don't worry. It won't become popular.

Re:How Exactly Does This Fight Spam? (3, Funny)

TaggartAleslayer (840739) | about 5 years ago | (#29055705)

Another marked troll? Seriously. Yahoo does have mod points today...

Re:How Exactly Does This Fight Spam? (0, Offtopic)

causality (777677) | about 5 years ago | (#29055937)

Another marked troll? Seriously. Yahoo does have mod points today...

That does seem to be the most trendy form of asshattery on Slashdot lately, to just indiscriminately mod down every top-level post that you can as "Troll". There do seem to be enough of them in this discussion that it would take more than one jackass moderator to pull off.

Re:How Exactly Does This Fight Spam? (2, Insightful)

Anonymous Coward | about 5 years ago | (#29055493)

From what I understand, this is not fighting spam directly. It's to encourage the adoption of a system that eventually will allow people to fight spam effectively-- that is, if everyone's already used to paying the cent for sending an email, they won't care when every email provider adopts this model. It only costs them a few bucks, after all. However, if you're sending millions of emails...

Re:How Exactly Does This Fight Spam? (3, Interesting)

Darkness404 (1287218) | about 5 years ago | (#29055641)

However there are -tons- of legitimate reasons to have more than one e-mail account. For example, a business might want to have one for each employee, so there is one, another would be a personal e-mail, and another one would be an "internet" e-mail for occasions where you might not want to reveal your real name (forum registration, etc). Plus there are many occasions where you forget either a username or password and when you try to register for a new account it helpfully tells you there is already an account for the e-mail address yet won't send you the username. Another reason is for convenience, I used Yahoo mail for a while but then I realized that I might as well get a Gmail account because I searched Google, had Google as my homepage and never used Yahoo except to check mail.

And also this will create problems with students/poor people who while they can afford the "stamps" might not have a credit card to buy them. And finally, this is unethical because the cost of a single message is -far- less than one cent, similar to how US carriers charge 10 cents or more per text message when it costs them nothing to send.

Re:How Exactly Does This Fight Spam? (3, Insightful)

causality (777677) | about 5 years ago | (#29055975)

And finally, this is unethical because the cost of a single message is -far- less than one cent, similar to how US carriers charge 10 cents or more per text message when it costs them nothing to send.

That's my main problem with it. The "logic" seems to go like this: "well, we couldn't come up with a way to make spammers pay, so instead we'll try to make everyone else pay to prove they're not a spammer." I can't support that.

Re:How Exactly Does This Fight Spam? (2, Funny)

TaggartAleslayer (840739) | about 5 years ago | (#29055545)

I have never understood the concept. Forget for a moment that spammers don't follow the rules, and generally work pretty hard to circumvent anti-spam measures, how are we all going to implement and maintain good measures on the receiving end?

Ohh... someone like Yahoo will do that for us. Got it. Just pay my monthly dues or licensing fees and then a low $.01 per email and it's all good. Glad this is such a humanitarian effort aimed at cleaning up our interwebs and not a huge cock-up out for profit, because then it would just be unethical...

Re:How Exactly Does This Fight Spam? (2, Insightful)

causality (777677) | about 5 years ago | (#29055807)

I have never understood the concept. Forget for a moment that spammers don't follow the rules, and generally work pretty hard to circumvent anti-spam measures, how are we all going to implement and maintain good measures on the receiving end? Ohh... someone like Yahoo will do that for us. Got it. Just pay my monthly dues or licensing fees and then a low $.01 per email and it's all good. Glad this is such a humanitarian effort aimed at cleaning up our interwebs and not a huge cock-up out for profit, because then it would just be unethical...

Also, why should I have to pay a new fee of any sort merely because someone else wants to send spam? The whole problem with spam is that everyone but the spammer has to bear its costs. This only increases the costs that all the rest of us have to bear because of spam. For that reason the ethics of this solution are already questionable despite its presumably good intentions.

Re:How Exactly Does This Fight Spam? (2, Insightful)

Foobar of Borg (690622) | about 5 years ago | (#29056149)

Also, why should I have to pay a new fee of any sort merely because someone else wants to send spam? The whole problem with spam is that everyone but the spammer has to bear its costs. This only increases the costs that all the rest of us have to bear because of spam. For that reason the ethics of this solution are already questionable despite its presumably good intentions.

Well, you see, the best way to make it work is to make the "charity" a special fund. The biggest spammers are only a few hundred people at most. So, the way the fund works is that, when it accrues to the point that we can hire a hitman to take out one of the spammers, we pay out to a hitman and the spammer gets whacked. Pretty soon, the spam problem is solved.

Or, I guess alternately we could use the special fund to do something legal like bribe congressmen/MP's/dictators (depending on country needing the action) to pass the needed laws or simply have the spammers arrested and thrown in jail for life.

Re:How Exactly Does This Fight Spam? (1)

Sancho (17056) | about 5 years ago | (#29056171)

The whole problem with spam is that everyone but the spammer has to bear its costs. This only increases the costs that all the rest of us have to bear because of spam.

The point is that once Centmail gets off of the ground, spammers will have a choice--bear the costs of sending millions of messages per day (eating into their bottom line) or accepting the rejection/increased spam classification of not having Centmail-signed messages. This means that the ultimate goal will either increase the cost to spammers, or effectively eliminate spam. Unfortunately, the short-term effects are not as useful, and you end up with people thinking that it only adds a cost to legitimate mail.

Of course, that's probably why they suggest that the money go to a charity.

Re:How Exactly Does This Fight Spam? (0)

Anonymous Coward | about 5 years ago | (#29056247)

You already pay for some sort of spam protection (even if indirectly through your ISP or employer). I hate to "me too", but I agree 100% with an earlier poster.
Any legitimate entity should be able afford to pay a penny per email and not even notice it. If I have to pay 3 to 5 bucks a month to cut down on spam, that's well worth it. And it would very quickly make the owner of zombies realize their computer wasn't the only mindless entity in their house - thus forcing a wide scale cleanup of not only spam - but perhaps botnets as well.
whatcouldpossiblygoRIGHT

Re:How Exactly Does This Fight Spam? (2, Insightful)

Fozzyuw (950608) | about 5 years ago | (#29055779)

I thought a lot of spam came through zombie / infected computers. So, it's just going to be other people who pay for it anyways.

Re:How Exactly Does This Fight Spam? (1)

Sancho (17056) | about 5 years ago | (#29056193)

Once they get hit with that bill, they'll clean up their computers. Multiple positive effects here.

Re:How Exactly Does This Fight Spam? (0)

Anonymous Coward | about 5 years ago | (#29055837)

Email marketers will wet their pants - this is a way to bypass Yahoo's sending limits and deliver directly to inboxes.

$10 for guaranteed delivery to 1,000 users? (5, Interesting)

ickleberry (864871) | about 5 years ago | (#29055389)

Now here's something both the spammers and the ISP's will love. I presume somewhere in their long-term plan is a means of getting rid of all those pesky renegades who run their own email server and don't opt into this scam

Re:$10 for guaranteed delivery to 1,000 users? (4, Insightful)

exhilaration (587191) | about 5 years ago | (#29055491)

Exactly, they're trying to charge spammers for guaranteed delivery to your inbox. I prefer the Gmail model of spam management - build some incredibly good filters and eliminate 99% of all spam.

Re:$10 for guaranteed delivery to 1,000 users? (1)

wift (164108) | about 5 years ago | (#29055895)

That does not eliminate the traffic created by it.

Re:$10 for guaranteed delivery to 1,000 users? (1)

thetoadwarrior (1268702) | about 5 years ago | (#29055993)

And you probably never will unless you charge people for mass mailing and all botnets. If they at least stop it showing up in my inbox I'll be happy.

Re:$10 for guaranteed delivery to 1,000 users? (1)

icebraining (1313345) | about 5 years ago | (#29056055)

But greatly reduces the likelihood the spam will reach the potential "costumer" and therefore it's profits, making "spamming" a less attractive business.

Re:$10 for guaranteed delivery to 1,000 users? (1)

SBrach (1073190) | about 5 years ago | (#29056129)

So? I never get spam in my G-mail inbox. Google and ISPs, I'm sure, are dealing with tons of spam traffic but I am not. If ISPs want to pay a fee to some central authority to stop spam traffic on their networks that's fine. But remind me again why I should have to pay when I use the services of a company that is clever enough to offer me free* e-mail and still turn a profit. How exactly would I benefit? Last time i checked ISPs were screwing me over left and right. *free-as-in-cost and free-as-in-spam-free

Re:$10 for guaranteed delivery to 1,000 users? (1)

FlyingBishop (1293238) | about 5 years ago | (#29055973)

If someone is paying for the spam, then it's impossible for them to avoid anti-spam legislation. They've signed a document saying they've sent spam (or at least money has changed hands.)

This is a really good idea, because it creates potential for government oversight. The Gmail model is inherently flawed. Not only does it let spam slip through, it creates false positives. Authenticated email needs to start coming along, and this is the best way to do it. The problem with spam is that it's untraceable. If someone is paying, then you trace to the payer, and payers have incentive to stop, because we can levy hefty 5 cent per message fines on top of that if abuse is proven.

Re:$10 for guaranteed delivery to 1,000 users? (1)

Sancho (17056) | about 5 years ago | (#29056221)

I bet that a pretty big chunk of those filters relies on people pressing the "report spam" button. It'd be really nice if Google would offer a spam-checking service so that non-Gmail users could check messages against Google's spam corpus.

Re:$10 for guaranteed delivery to 1,000 users? (2, Interesting)

Darkness404 (1287218) | about 5 years ago | (#29055707)

An even scarier twist would be if legislation makes it -illegal- to discriminate against mail sent this way with a spam filter (probably thrown in with some form of net neutrality) making it a guaranteed delivery, illegal to block.

Re:$10 for guaranteed delivery to 1,000 users? (4, Insightful)

glop (181086) | about 5 years ago | (#29055723)

Well, the best part for the spammers is when they don't pay the 10$ because the owners of the zombie PCs do... This objection was raised years ago already for other "payment" schemes like for instance the computation payment (you do a computation that takes a lot of CPU to sign the message. So you "paid" for your stamp).
It does not sound like a very well thought plan. Maybe the idea is that people will be more careful not to get pwned?

Re:$10 for guaranteed delivery to 1,000 users? (2, Insightful)

Nossie (753694) | about 5 years ago | (#29055787)

"when they don't pay the 10$ because the owners of the zombie PCs do.."

Gives them one more to give a fuck about security does it not?

Re:$10 for guaranteed delivery to 1,000 users? (0)

Anonymous Coward | about 5 years ago | (#29056061)

"when they don't pay the 10$ because the owners of the zombie PCs do.."

Gives them one more to give a fuck about security does it not?

No, it gives them more reason to call their ISP and scream about it until they credit the charges back.

Re:$10 for guaranteed delivery to 1,000 users? (5, Insightful)

prograde (1425683) | about 5 years ago | (#29055953)

From the paper, section 3.2 http://centmail.net/centmail.pdf [centmail.net] :

A related scenario is when a user attempts to reuse a single legitimately obtained stamp to validate a single message sent to thousands of people. This is in fact considered to be acceptable behavior from the perspective of CentMail, similar to the use of blind carbon copy (bcc) for emails.

That sounds like exactly what spammers do - send the same message to thousands of people. So, really, that's $10 for delivery of 1,000 unique messages to unlimited millions of recipients. Good deal!

Re:$10 for guaranteed delivery to 1,000 users? (1)

Tehrasha (624164) | about 5 years ago | (#29056071)

AND the spammer can deduct charitable contributions on his taxes at the end of the year....

what about pwned accounts? (3, Insightful)

Khashishi (775369) | about 5 years ago | (#29055401)

How will this discourage spam if the spammers are just using pwned accounts?

Tax Deduction? (0)

Ambiguous Coward (205751) | about 5 years ago | (#29055409)

This will surely make for some highly-entertaining tax return forms in the near future.

Gosh. (4, Interesting)

fuzzyfuzzyfungus (1223518) | about 5 years ago | (#29055411)

I'm glad that goodwill and fuzzy feelings are able to cut transaction costs; because they'll be the real killer at $0.01 a pop.

I assume, because of this problem, that they'll either be billing you when your tab reaches some worthwhile value, and trusting you in the meantime, or forcing you to buy in large blocks ahead of time(which would be super annoying, goodwill or no).

How stupid.... (4, Insightful)

Darkness404 (1287218) | about 5 years ago | (#29055413)

Honestly, this is one of the stupidest things I have heard of. For one, if this is adopted it will lead to discrimination of services (as in, you are using Gmail and not our ISP's pay-mail, so your message automatically gets flagged). For another, I've found that Gmail and other webmail services are pretty good of not giving false positives, in the few years I've been using Gmail, I've gotten 3 spam messages total, none of which was a false positive and no spam e-mails in my inbox. But honestly, this is simply charging for what should be a free service to help solve a problem that doesn't exist if you use Gmail (can't say for any other mail provider because Gmail has been so good I really haven't used any other mail provider).

Re:How stupid.... (0, Redundant)

TaggartAleslayer (840739) | about 5 years ago | (#29055605)

This marked as trolling? Yahoo must have mod points today. O.o

Re:How stupid.... (2, Insightful)

macraig (621737) | about 5 years ago | (#29055847)

Someone probably misapplied the Troll mod for "Shill". The guy sounded a bit like a shill for GMail, don't you think? Either that or a genuine noob: "...Gmail has been so good I really haven't used any other mail provider". Jeez, he's NEVER used ANY ISP e-mail account? I find that rather hard to swallow, unless he's really fresh off the boat. So yeah, if I were modding his post I'd be inclined to mod it something other than favorably myself. He's just not that believable.

Re:How stupid.... (1)

TaggartAleslayer (840739) | about 5 years ago | (#29055939)

I could see that... but I use Gmail as well and share many of his sentiments.

Though, that being said, I have received more spam of late. Either spammers are getting better, or I really have won the Nigerian lottery.

Re:How stupid.... (1)

thetoadwarrior (1268702) | about 5 years ago | (#29056053)

To be fair out of all my ISP and freebie email accounts Gmail has been by far the best. I'm positive I could count all the spam I've received on my fingers with no legit email showing up in my spam folder.

Re:How stupid.... (0)

Anonymous Coward | about 5 years ago | (#29055623)

Gmail has been so good

Gmail's spamfilter is good, but their "labelling/conversation" format is horrible.

Re:How stupid.... (1)

Stupendoussteve (891822) | about 5 years ago | (#29055897)

Gmail's spamfilter is good, but their "labelling/conversation" format is horrible.

It also makes using it via IMAP incredibly complicated.

Good idea. Who pays the bill? (1)

tp_xyzzy (1575867) | about 5 years ago | (#29055415)

Once this service is up and running, they'll get a botnet which will take over people's machine and start sending spam. If it manages to send 10000000 emails from your machine, who pays the bill?

Re:Good idea. Who pays the bill? (1)

DeHackEd (159723) | about 5 years ago | (#29055465)

From my interpretation, you buy stamps first and send mail later. This isn't a case of botnets racking up bills, this is a case of credit card fraud fueling spam.

Oh well (5, Funny)

JohnHegarty (453016) | about 5 years ago | (#29055435)

Your post advocates a

( ) technical ( ) legislative ( ) market-based ( ) vigilante (x) charitable

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
(x) Mailing lists and other legitimate email uses would be affected
(x) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
(x) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
(x) Requires too much cooperation from spammers
(x) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
(x) Lack of centrally controlling authority for email
(x) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( ) Jurisdictional problems
(x) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
(x) Willingness of users to install OS patches received by email
(x) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
(x) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
(X) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

( X ) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
(x) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
(X) Killing them that way is not slow and painful enough Furthermore, this is what I think about you:
(X) Sorry dude, but I don't think it would work.
(X) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!

Re:Oh well (2)

Shakrai (717556) | about 5 years ago | (#29055503)

Well I knew that was only a matter of time. Anybody know the actual origin of the template above? Always wondered about that.....

Re:Oh well (1)

bcmm (768152) | about 5 years ago | (#29055631)

I don't know, but I wish it were more widely known. That way, people designing hairbrained schemes for ending spam could read it first and save their time.

Re:Oh well (3, Informative)

CannonballHead (842625) | about 5 years ago | (#29055815)

The closest I can find to an "original" is this one [craphound.com] , which is linked to a lot.

Re:Oh well (0)

Anonymous Coward | about 5 years ago | (#29055865)

It was spammed to Usenet.

Re:Oh well (1)

Jurily (900488) | about 5 years ago | (#29055627)

Summary for the tl;dr crowd: x xx x xx xx x xx x x x x xxx

Re:Oh well (3, Informative)

dreeves (951592) | about 5 years ago | (#29055777)

We did try to address these common objections. See Section 3.2 of the paper: http://centmail.net/centmail.pdf [centmail.net]

Re:Oh well (4, Insightful)

ricotest (807136) | about 5 years ago | (#29056035)

You offer three points in rebuttal:

1) An increase in use of Centmail points could be flagged as suspicious

...after the fact? Or will you have an automated system that prevents the mails from being sent if they seem suspicious? Otherwise a spammer can simply do a hit and run and exhaust the user's account. Regardless of that, spammers are more likely to control a very large amount of zombie Windows boxes, sending out a small number of e-mails on each machine.

2) If a user gets hacked, he just ends up donating more money to charity

Which is wonderful and all, but doesn't really solve the problem.

3) Hackers are more likely to be interested in other aspects of the user's computer

Spammers have demonstrably took over swathes of Windows machines exclusively to send out spam. Even if they didn't, centmail offers the chance to send a mail that is practically verified as genuine, which is very rare, and worth hacking a computer for.

Re:Oh well (1)

SlashDev (627697) | about 5 years ago | (#29055911)

1) Will not work? I don't think you, me or anyone else have a say in this, if they decide to implement it, it will work. People need email, they will spend a penny on each; I know I would. Unless you're using your Yahoo email for business, at that point, you have other things to worry about besides costs, the average persons, sends 10 emails per day. 2) You obviously don't work at an ISP to really understand blacklists, spam and what effect they have on your ISP's ability to send email to other ISPs.

Re:Oh well (2, Insightful)

Tubal-Cain (1289912) | about 5 years ago | (#29055919)

Missed a few:
(x) Many email users cannot afford to lose business or alienate potential employers.
(x) Joe jobs and/or identity theft.
(x) Countermeasures must work if phased in gradually.
(x) Feel-good measures do nothing to solve the problem.

Cost TOO MUCH! (1, Flamebait)

Sepiraph (1162995) | about 5 years ago | (#29055445)

$0.01 / email is WAY too much, even with spam filter on. A price range of $0.01 / 100 emails is more realistic and cost friendly.

Re:Cost TOO MUCH! (4, Funny)

ctaylor (160829) | about 5 years ago | (#29055555)

I'd rather it was $1 per email. That might cut down on all those forwarded chain emails my relatives keep sending me.

Re:Cost TOO MUCH! (0)

Anonymous Coward | about 5 years ago | (#29055719)

I'd rather it was $1 per email. That might cut down on all those forwarded chain emails my relatives keep sending me.

Ah yes, the "bless you and send this blessing to 10 others or some horrible bad luck will befall you" emails. And the senders don't quite comprehend why the email isn't Christian.

Re:Cost TOO MUCH! (2, Insightful)

betterunixthanunix (980855) | about 5 years ago | (#29055725)

In all honesty, I would rather keep email the way it is. This "stamp" based approach will not work; either nobody will adopt it, or it will become popular and a bunch of other stamping businesses will crop up looking to make some money. I would rather just continue with my current spam filters, which kill 95% of the spam that hits my machine -- the other 5% does not amount to anything terrible.

Re:Cost TOO MUCH! (1)

YouWantFriesWithThat (1123591) | about 5 years ago | (#29055891)

exactly. the people who do what you do will continue to do that, with incremental improvements in filtering technology and software that they run on their box(es). and the people who do what i do will continue to do nothing at all. relying on someone else to do the filtering and access it from whatever device, where ever i am and not manage the box(es) ourselves. and out of these two groups very few will ever buy a one cent stamp for an email.

The real problem I see... (1)

TaggartAleslayer (840739) | about 5 years ago | (#29055471)

If widely adopted, there is built in inflation and no incentive to keep costs low. We assume that spam is uneconomical at $.01 per email. If that is proven false and the threshhold is actually even slightly higher, does that mean we all pay more to send approved email? If you refuse to pay, is your corporate email likely to be marked spam?

With this scheme, all we do is put ourselves in a direct cost offset race with unscrupulous organizations, pitting our own "safe email" assurances against those already proven willing to go to unethical and illegal lengths to profit from the very people paying for the "safe email" certificate in the first place...

Am I missing something, or does the entire system just seem destined to leapfrog in price and crumble down in a pathetic heap? Then again, it's really not about the spam, it's about profiting from one of the last free forms of communication.

Forged headers? (1)

chickenarise (1597941) | about 5 years ago | (#29055533)

I was just wondering if you forged your From: to someone who uses this would they be charged for it, or is that technically not a problem? Other than that, I agree with previous posters' worries about pwned accounts getting griefed and racking up a substantial bill.

Re:Forged headers? (3, Insightful)

betterunixthanunix (980855) | about 5 years ago | (#29055651)

I think you would have to be authorized to Centmail's SMTP servers. Pwned accounts are not such an issue either, if you buy blocks of 500 "stamps" ahead of time and are not automatically billed for it; spammers would only get a small number of stolen stamps at a time, and that would at least slow them down.

The real issue is that it will not remain charitable for long. If it becomes popular, rival for-profit services will start cropping up, and we will wind up with a situation similar to SSL, where there are dozens of different authorities competing with each other, some with different levels of trustworthiness, some charging different amounts, etc.

Re:Forged headers? (1)

maxume (22995) | about 5 years ago | (#29055753)

Only if it is implemented extremely poorly, which is unlikely. For instance, Domainkeys/DKIM has not been defeated yet (that I have noticed, anyway):

http://www.dkim.org/ [dkim.org]

(DKIM is a scheme for message signing, if a message contains an organization's signature, it is quite likely that the organization did handle the message)

Cynical? Me? (0, Flamebait)

TDyl (862130) | about 5 years ago | (#29055629)

So when will Microhoo start upping the charges for Redmond to take their pound of flesh?

Call Me Crazy, But I Would Participate (1)

Slashdot Parent (995749) | about 5 years ago | (#29055709)

If I could use any email client, I would participate in this.

I mean, why not? I give money to charity anyway. What difference does it make to me if I go through "Centmail" or any other intermediary, as long as "Centmail" doesn't charge a fee?

Pay per mail? (1)

Robert Goatse (984232) | about 5 years ago | (#29055713)

Meh, the day Yahoo! charges for an e-mail is the day I switch e-mail providers. It's not like they are the only free e-mail provider out there, gnome sayin'?

around we go (2, Interesting)

mugnyte (203225) | about 5 years ago | (#29055755)

  Either the authentication traffic kills us, or the spammers clone any sort of component embedded in email to lend credibility. If you can fake an email as spam, you can fake a stamp.

  If Centmail stamps are auto-verified, then either an API must authenticate the key and authorize the action - which is a lot of traffic - at a single server/authority, or we disperse it. With dispersal, possibly for abuse goes up, and then we have new keys arriving which means more traffic. We of course can't use keys per mail, but perhaps per-sender. This is still a huge number of keys to be managed.

  Filters work as a form of decentralized authentication, where the proper "key" is passing the filter, which is slowly morphing from user feedback. This seems to me to degrade over time, as the filters cannot change quick enough, still weighing-in prior exclusions while accepting new ones. There's a fair amount of noise to ignore while people mark email they don't like as SPAM and similarities are extracted.

  Blacklists and Whitelists are just filters with a central authority, but open to more abuse and too coarse-grained to remove much, as spammers hop or spoof origins quickly.

  Overall, I don't feel like bolt-on public systems can categorize the messages other than how we're doing it today. If we had a re-do on email, it might involve some encryption for senders, certificate stamps, and a trust level of pathways and a distributed authorization system with feedback to violators. But we're a long ways off from that.

This has all been discussed for years.

Okay, I'll play this game. (4, Interesting)

Ollabelle (980205) | about 5 years ago | (#29055757)

I'll set myself up as a charity, and have the system pull money out of my account, and put into the my other - er, the charity's - account. Now all my spam is blessed.

Re:Okay, I'll play this game. (1)

Voyager529 (1363959) | about 5 years ago | (#29055853)

Are you a Nigerian Prince?

Re:Okay, I'll play this game. (0)

Anonymous Coward | about 5 years ago | (#29056217)

No, he's the lawyer for your rich (and previously unkown) family member's estate trying to help you get your rightful inheritance.

I've heard this scheme before. (1)

Ustice (788261) | about 5 years ago | (#29055795)

So, if we all decide to boycot a particular gas company for a month, the price of gas will go down! BRILLIANT! Oi. Why would people pay for something that they use for free. If Yahoo is worried about spam protection, then they should just use Google's spam filter, like they use MS's search engine. Problem solved.

time to delivery not longer that important (1)

mugnyte (203225) | about 5 years ago | (#29055859)

    Email is already used to deliver messages that have lower immediacy expectations than IM or Cellular. Authentication may slow down delivery even further, but this usage pattern is putting email behind-the-times on the technology ladder.

    Right now it's still good for mixed-media and longer messages, but mostly its a holdover from an earlier era. Eventually, users will simply a document and then share it with a target audience, not actually clone content to inboxes.

    I don't mind the death of email. "Offline" reading is redundant given content capture techniques, and the messages are vastly wasteful in their design (copied threads).

Re:time to delivery not longer that important (1)

BMonger (68213) | about 5 years ago | (#29056111)

That sounds eerily like Google Wave... :)

In reality... (1)

operagost (62405) | about 5 years ago | (#29055955)

If this system were to go in place, Yahoo would be vilified and the program would be closed within weeks. Then a few months later, it would be resurrected as a new tax by the US government in a "cap and spam" bill.

In other news... (1)

LordDragoon (655748) | about 5 years ago | (#29055987)

Spammer/Hacker has already written program to spoof centmail stamps.

Please forward this (4, Funny)

xgr3gx (1068984) | about 5 years ago | (#29055997)

This message is to raise money for a litte girl with cancer.
Every time someone forwards this email it's tracked, and AOL, Microsoft, Yahoo, and Disney will donate $0.01.
The more people you forward to, the more money we can raise! So please...look into your heart and just take a few seconds to forward this message to everyone in your address book.
If you choose to be a meany, and not forward this email, you will die in 5 years, and so will everyone in your family.

FTFY (1)

KingPin27 (1290730) | about 5 years ago | (#29056079)

I've installed a keylogger onto your computer to capture your login credentials for the Yahoo Centmail site -- I have now solicited over half of Nigeria and most of Scotland for monies on behalf of your cousins uncles nephews best friends room mate from college who is lying sick in a hospital bed in Sweden and needs a foreign bank account to deposit large amounts of monies into before he passes away

Signed -- Centmail Approved Message

Something's missing (1)

Chelloveck (14643) | about 5 years ago | (#29056151)

Wow, that's really amazing. Neither the article nor the actual CentMail website has a single shred of technical information on how this will actually be implemented. I'm sure it has something to do with the evil bit.

Does Yahoo declare itself guilty for SPAM? (1)

VincenzoRomano (881055) | about 5 years ago | (#29056157)

That schema would work only if Yahoo could be accounted for the most part of the SPAM.
And if Yahoo is not guilty for all the SPAM, then that move would work only if all free email services would follow.
And then you would need to force all ISPs to block TCP port 25.
And only then, maybe, you would be starting limiting the amount of spam!

In an unrelated story.... (1)

Kaptain Kruton (854928) | about 5 years ago | (#29056245)

Centmail users pay $0.01 for each message they send...

In an unrelated story, the number of Gmail users has recently sky-rocketed.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>