Yahoo's plan to fight spam with pennies -
August 20, 2009 10:53 AM   Subscribe

definitely read this as 'fight spam with penis.' kind of like fighting fire with fire, i suppose.
posted by Jon_Evil at 10:57 AM on August 20 [6 favorites has favorites]

Sending a penny-stamped e-mail through Yahoo’s (not yet released) CentMail program would automatically mark it as “real mail” and get it past any spam filters

Any spam filters?
posted by Mwongozi at 10:59 AM on August 20 [2 favorites has favorites]

Sorry, but if it has to be followed immediately by, "It's just crazy enough to work!" then what you have is not really a plan so much as a bundle of hopes, dreams, and fairy dust.
posted by Copronymus at 11:03 AM on August 20

Even assuming this works as intended, it provides extra incentive for spammers to hack into people's accounts to send out their spam on someone else's tab.
posted by FishBike at 11:04 AM on August 20 [5 favorites has favorites]

This will probably go as far as the last 100 times this idea has been proposed. I'd love to see real and strong efforts to destroy spam but it doesn't seem like it's ever going to happen.
posted by Wood at 11:05 AM on August 20

This will work perfectly. As long as you only send mail to @yahoo.com addresses.
posted by adamrice at 11:10 AM on August 20

Your post Amazon's program advocates a

( ) technical ( ) legislative (X) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
(x) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
(x) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

&c.
posted by Kadin2048 at 11:10 AM on August 20 [23 favorites has favorites]

Yahoo's mail is annoying. Popups at every turn. Crap turning itself on. Different screens stopping you from getting to your email. Chats turning themselves on. Yahoo redoing their home page 4 million times and moving the link. Forcing you to come up with multiple security question/answer sets. I think they have so many problems with spam is because a lot of people use yahoo addresses solely for receiving it. Businesses accept it and you don't have to bother with your 'real' email, which is probably gmail, where their spam filters pretty much work so well you forget about spam most of the time. Penny for your thoughts? No, Yahoo, no.
posted by cashman at 11:15 AM on August 20 [3 favorites has favorites]

"On display was an electronic stamp the U.S. Postal Service plans to sell to certify authenticity and delivery time of e-mail.

The technology, called "electronic postmarks," will not necessarily end the era of free e-mail. But it does create a "first class" version with a small delivery charge."

About the US Postal Service, 2002
posted by Houstonian at 11:19 AM on August 20

...our 'real' email, which is probably gmail, where their spam filters pretty much work so well you forget about spam most of the time.

Yeah, this. Google's pretty much solved the spam problem as far as I'm concerned.
posted by Perplexity at 11:21 AM on August 20 [7 favorites has favorites]

The right way to do this is to refund the money if it's not marked as spam within, say, 72 hours. That way, Yahoo could serve as an escrow service. If it's not spam, it's free for everyone (minus assholes who you'll probably just never talk to if they mark it as spam). 1c is a stupid amount, many advertisers are willing to pay for bulk rate postage over U.S. mail. Make it a $2 escrow service (or any configurable amount) and you'll never have spam again. Yahoo! could make money on interest on the money in their account (as you'll probably need a fair amount in there if it's $1 per mail for a 72 hour period).
posted by amuseDetachment at 11:24 AM on August 20 [2 favorites has favorites]

Sorry, $2 per mail for a 72 hour period to be consistent with the example.
posted by amuseDetachment at 11:25 AM on August 20

Why not link directly to the Wired article, rather than the one-paragraph, detail-thin NYT writeup?

It has the kernel of a decent idea, but the logistical challenges make it pretty much a pipe dream. You need to get a significant number of email providers on board before the "guarantee" that your message won't be mistaken for spam becomes meaningful—if no one but Yahoo! recognizes the "stamp", it's pretty much worthless.

A penny a message isn't much, but it adds up, and most spam filters are pretty good these days—most people would rather delete the occasional spam email than pay for a service that's almost universally free. So email providers have no incentive to get on board with the plan—especially considering that they wouldn't be making any money from it. Why spend money setting up and maintaining a service that most people don't want and which has zero ROI?

Whatever value it might have to email providers becomes a game of "you go first"—no one is going to make the investment until it becomes clear that other companies are making the investment.

Anyway (as the Wired article says), what's to stop spammers from setting up their own email servers and forging the stamp? I guess you could start blacklisting, but (a) most spam is sent from botnets, so you'd have to blacklist many thousands of IPs; and (b) at that point, the white hats are kinda back where they started.

And what about people who have a legitimate need to send large amount of email, and maybe don't have the resources to pay for them (such as listservs and anyone who maintains a mailing list)? Presumably they could just opt out of the program (or simply use an email provider that doesn't participate), but it just seems...well, inelegant.
posted by ixohoxi at 11:25 AM on August 20 [1 favorite has favorites]

I'm getting really tired of the form responses as posted above.

I think at some point a microcharging system is indeed going to work, in the same way that sending something by FedEx works better than sending it by the USPO.
posted by unSane at 11:28 AM on August 20

Oh damn I thought we'd be throwing them at the spammers. I hear a bag full of pennies can cause a bit of damage.
posted by gomichild at 11:29 AM on August 20

The right way to do this is to refund the money if it's not marked as spam within, say, 72 hours. That way, Yahoo could serve as an escrow service. If it's not spam, it's free for everyone (minus assholes who you'll probably just never talk to if they mark it as spam). 1c is a stupid amount, many advertisers are willing to pay for bulk rate postage over U.S. mail. Make it a $2 escrow service (or any configurable amount) and you'll never have spam again. Yahoo! could make money on interest on the money in their account (as you'll probably need a fair amount in there if it's $1 per mail for a 72 hour period).

As a side-effect, this would completely kill most mailing lists. So would the 1 cent amount, I suspect. If anybody is thinking nobody would sign up for a mailing list and then flag the resulting e-mails as spam, I'm constantly amazed by what gets flagged as spam (as reported back to me via various mail feedback loops with major e-mail service providers).

People flag personal messages from close relatives, electronic tax receipts, even messages they sent to themselves from their work address to their home address. I suspect it's just easier to do that than to delete some messages and flag others. Just flag all the "stuff I don't want any more" messages and they're gone.
posted by FishBike at 11:30 AM on August 20 [2 favorites has favorites]

In all seriousness, if you could get Google, Yahoo, and Microsoft to agree to some sort of escrow/postmark plan, that would probably be close enough to "immediate total cooperation from everybody at once" for a system to work.

I'm not sure what the exact percentages are, but between GMail, Yahoo Mail, and Hotmail, I think you'd probably have a majority of email recipients on the Internet.* If you could get buy-in from them, the next in line would be the broadband internet providers, who might actually be easier to convince since spam is a direct cost to them.

But I doubt you'd ever get Google/Yahoo/MS to agree to a single plan, because one of the features they compete with each other on is spam filtering. Google, in particular, would have little incentive to go along with it, since its spam filters are already so good they've practically eliminated it as a problem for their users.

* Unless there are some new services that 'kids these days' are using; my feeling is that more and more young people just bypass Internet email in favor of proprietary messaging systems like Facebook's, which is a step backwards and kinda sad given all the effort that went into deep-sixing proprietary systems in favor of 'real' email over the last few decades. But I digress.
posted by Kadin2048 at 11:34 AM on August 20

This plan would work better if, instead of going to charity, the money was used to kidnap spammers and take them to third-world countries where very, very unpleasant things would happen to them.
posted by mullingitover at 11:37 AM on August 20

The point is not that ALL mail needs to be paid mail, but that paid mail gets treated differently.

This becomes an add-on to regular email, not an alternative.

If I get mail that has a validated paid-for stamp on it, that's useful information in terms of whether I treat it as potential spam or not.

There should be an option to donate part of the cost of a stamp to the charity of your choice.
posted by unSane at 11:38 AM on August 20

So how much of the 1 cent does yahoo get? This idea sounds nice on the surface but underneath it looks more like Yahoo is looking for a revenue source.
posted by doctor_negative at 11:41 AM on August 20 [1 favorite has favorites]

... in the same way that sending something by FedEx works better than sending it by the USPO

... sending *some things* by FedEx works better than sending *some things* by the USPO.

Would you send your rent check FedEx? Netflix DVDs?

More importantly, if you were a snail-mail direct marketer, would you send your fliers FedEx? No. That seems the equivalent of spam to me.
posted by mrgrimm at 11:43 AM on August 20

Sorry, not clear. I meant that companies looking to send official documents via email to other companies might use some sort of paid certification, but people sending YT links to friends will not, i.e. the messages that spam companies model their messages after would not be the ones who would certify. Boy, I'm still confusing.
posted by mrgrimm at 11:45 AM on August 20

Damn you, Kadin2048. It was my turn!
posted by splice at 11:54 AM on August 20

It's been tried by two companies here in the Netherlands. One of them is a customer (http://portomail.nl/ - I wrote the postfix extensions to handle incoming mail)

Both companies have since stopped offering the product.

The idea simply doesn't work.
posted by DreamerFi at 12:00 PM on August 20 [1 favorite has favorites]

gomichild: "Oh damn I thought we'd be throwing them at the spammers. I hear a bag full of pennies can cause a bit of damage."

That's a sock full of half-dollars. If you're a common thug, you can use nickles, but I prefer half-dollars. I think that it's classier.
posted by boo_radley at 12:03 PM on August 20

Gmail spam filtering is totally awesome and appears to always be one step ahead of the spammers.
posted by East Manitoba Regional Junior Kabaddi Champion '94 at 12:05 PM on August 20

I've had an idea like this kicking around for some time.

You'd need an effective micropayment system, to begin with, so the idea is dead right there. You'd also need a decent authentication system for your mail servers, since I want to know you are who you say you are, in terms of email.

The basic idea is that I have a nuisance charge of a nickel on my email account (set as to how much your time is worth). If you are not on my whitelist, and you send me an email, your email server negotiates with mine before delivery. Is the sender willing to pay me a nickel? If so, bam, it goes in my inbox.

If I'm a mailing list, my users have to whitelist me, that's all. They can dewhitelist me at will. Whitelisted email costs nothing.

So if my old pal from college, with whom I have lost touch, wants to email me from a new address, sure, he'll pay a nickel to get through. Bill Gates sets his at ten thousand dollars. A kilobuck per second, for ten seconds of Bill's attention. You want to work from home? Read spam. Set your limit at half a penny, read about Rolex and Viagra all day.

So we've got your buddy from college and your knitting email lists taken care of. What about your public service mailboxes? You know, webmaster@, abuse@, support@ ... you want to have emails from complete strangers then. You'd have to leave it open. Wouldn't spammers redirect their attention there?

Yes, probably. This is where an escrow feature comes in. It would work like this. "You negotiate a penny to send me an email. It'll be held in escrow. If I hit the spam button, you don't get that penny back. If I don't hit it, you are a valuable customer! And you get to keep your penny.

And yes, spammers will want to redirect their costs to victims. Absolutely. But consider ...

Someone hacks my box, I'll notice when my ten dollar/month piggybank is empty and my mail client says, "Oh, you can't send more email until you feed the piggy." Right there, suddenly, users know their machine has been compromised. Nobody gives a good goddamn most of the time if their machine is "secure" or part of a botnet — what's a botnet? But "hey your piggy bank is empty; your computer has probably been hacked, check it out" could actually be a useful side effect.

Of course, none of this would be backwards compatible. You'd need to call it "imail" or something; millions of servers and a billion email clients. And folks would want to tax the crap out of it, I'm sure.

But, yes, it would be technically possible to use economics to force spammers out of business. And remember that spam is often sent on behalf of someone else. That someone else does not have to make money on the transaction, they only have to think they can get rich by selling fake Rolexes on the Intarwebs. If they don't make the money, there's always another sucker waiting to pay a spammer a grand or two to send out fifty million spams.

Thus, the effects wouldn't be immediate. Aunt Tillie would learn, via rumor, that she has to apply those service packs she keeps clicking "NO" to or her piggybank might go dry. Spammers' clients would realize that the upfront costs are huge, because the spammers themselves aren't going to front them the cash.

There's other little wrinkles I've been considering, ways people would attempt to game the system, but I think it's feasible, just terribly unlikely.
posted by adipocere at 12:06 PM on August 20 [4 favorites has favorites]

You know, I'm in a band, and we use a popular online free tool to keep track of our mailing list. Every email we send out about shows or whatever, we have to click the 'I certify this isn't spam' box before we send.

I wonder if this sort of thing would have a chilling effect on those sorts of services. They operate on a 'under a certain size is free' model with incentives to buy the paid service. I can't imagine their margins are huge, so having to pay the one cent for 500 emails for 500 customers would start to hurt.....
posted by lumpenprole at 12:19 PM on August 20

I hate Yahoo mail. I hate all of the "Top Weight Loss Tips" and "Mother Throws Newborn in Dumpster" type news stories that litter the front page. My work account is Yahoo (we're livin' in the 90s). Not my choice.

This is not a terrible idea, but it is a logistical nightmare.
posted by futureisunwritten at 12:37 PM on August 20

You want to work from home? Read spam. Set your limit at half a penny, read about Rolex and Viagra all day.

I think I'd set my limit at half a penny and tell my e-mail client to tell you that I've read about your f4nt45t1c pr0duct5.
posted by oaf at 12:44 PM on August 20 [1 favorite has favorites]

adipocere, most of the things you've mentioned we actually tried, including plenty of other ideas, like having paid email support (a bit like a 1-900 telephone number for support)

Again, from practical, actual experience with such a system: it won't work.
posted by DreamerFi at 12:46 PM on August 20

This idea assumes that some enterprise involved with this scheme won't eventually start charging a bulk rate to spammers, just like the USPO does with bulk rate mail from marketers.

What Yahoo! and the rest hate more than spam is not making money off of it.

Once the email service providers have a captive audience moved over to penny emails, it'll then be trivial for all of them to monetize spam.

At that point, if you don't like spam coming back, just upgrade to their PennyPlus™ email system, which includes their exclusive ExtraPenny™ filtering system.
posted by Blazecock Pileon at 12:48 PM on August 20

1 cent to a charity of your choice? How about the 'Helping Impoverished Pwnguins' fund?
posted by pwnguin at 3:47 PM on August 20

Also, it's incredibly self-serving to Yahoo! to be the only seller of stamps. And pointless if they federate it.
posted by pwnguin at 3:53 PM on August 20

To destroy spammers someone has to literally hunt them down and terminate them.

I vote for Arnold Schwartzeneggar.
posted by bwg at 6:05 PM on August 20

So I guess I'm the customer for this, but the problem is that none of my email to my friends is ever marked as spam. I have no incentive to guarantee delivery of my mail, because it already works perfectly.

Why would I pay for this? I cannot remember a single time in the last five years that one of my emails didn't show up where it was supposed to.
posted by popechunk at 8:41 PM on August 20

Yahoo's mail is annoying.

Yahoo anything is annoying. Their entire approach to usability seems to be: make it heavy, slow, shiny, awkward and cute, all at the same time. I can be in and out of GMail in the time it takes to log into Yahoo.

I swear, the Microsoft Bob team found a new home at the Big Y.
posted by rokusan at 9:00 PM on August 20

People flag personal messages from close relatives, electronic tax receipts, even messages they sent to themselves from their work address to their home address.

And even the ones who don't intentionally abuse the "report as spam" button, or whatever the equivalent is on their service, can easily mark something as spam by accident. I end up doing it myself quite frequently (delete and report as spam being very close to each other), although I do then go and rescue it from the spam folder.
posted by Kutsuwamushi at 12:13 AM on August 21

Sending a penny-stamped e-mail through Yahoo’s (not yet released) CentMail program would automatically mark it as “real mail” and get it past any spam filters

So users sending legit email have to pay to guarantee delivery, while spammers will continue to find ways to sneak through spam filters for free anyway?

Oh yeah, that's going to work.

And this would really chew into e-commerce. Shipping confirmation emails? Receipts? A penny per email doesn't sound like much but for e-retailers like Amazon?

This isn't a spam solution it's a money grab.
posted by Zinger at 8:05 AM on August 21

And this would really chew into e-commerce. Shipping confirmation emails? Receipts? A penny per email doesn't sound like much but for e-retailers like Amazon?


I'm just guessing here, but I'm guessing it would add EXACTLY ONE PENNY to the price of everything they sold.

Thus destroying their business model.
posted by unSane at 9:36 AM on August 21

I'm just guessing here, but I'm guessing it would add EXACTLY ONE PENNY to the price of everything they sold.

Great guess. Except that it's dead wrong, even though you used capital letters.

Because there is usually an order details email, a receipt for payment, and a confirmation of shipping email for each order. Plus there's all sorts of customer service emails back and forth, some related to sales, and some that never convert to sales. So it could add up to as much as 25 cents per item... which if you're going toe to toe with other retailers on price, makes a difference.

And it's still a money grab that does nothing to address the issue of spam.
posted by Zinger at 6:10 PM on August 21

Yahoo's mail is annoying

Are they still doing the thing where they change the scheme for generating POP3 UIDs every few months, thereby inducing your POP3 mail client to chew up all your bandwidth filling your local mailbox with duplicates of everything? Cos that was annoying, too.
posted by flabdablet at 7:34 AM on August 22

Yea.
posted by d1rge at 7:57 PM on August 22

Yea, no.
posted by d1rge at 7:57 PM on August 22