Roger Riordan: Rants & bright ideas

[The value of the Internet has been seriously degraded in recent years by the ever rising flood of spam. By a historical accident it costs essentially nothing to send an e-mail, so that spammers can profitably send vast amounts of spam if only a minute percentage of the recipients respond. In the opinion of the author the flood of spam would immediately be stemmed if the authors of e-mail had to pay the costs of sending it, instead of the cost being imposed on the hapless recipients, as happens in the present system.

This paper proposes a protocol which the author believes would achieve this aim.]


The following protocol is designed to make it uneconomical to send spam, without adding undue complexity to the present e-mail system. The general idea is that at each step along the way the sender notifies the would-be recipient that he wishes to send an e-mail containing so many addresses, quoting a request number. The recipient checks the credit rating of the sender, and if it is satisfactory he sends a reply to the nominal sender, quoting an approval number. The sender then sends the e-mail, quoting the approval number. The recipient then counts the number of addresses in the e-mail, checks that it matches the authorised number, charges the sender's account a nominal sum -- say five cents -- for each address, and then sends the e-mail on to the next step, using the same protocol.

This protocol would make it impossible to fake the sender's address, because this would cause the original authorisation to go to the nominal sender, who would simply ignore it, and it would make spam uneconomical by ensuring that the originator paid a modest sum for every recipient of his spam. It would cripple the dodgy ISPs who currently cooperate with the spammers, by ensuring they got large bills for any spam they allowed to pass through their system, and if they didn't pay these bills they would soon be blacklisted.

To guard against customers' computers being taken over and used to send spam, each service provider could allocate each of its customers an e-mail limit, which would initially be negotiated and then be adjusted according to previous usage, or on request. For example, a normal private user might be allowed by default 30 e-mails per day, and 200 per month. If he then suddenly tried to send 500 e-mails, he would be sent a "please explain", and no e-mails would be accepted until he had either arranged authorisation from his ISP, if he really wanted to send them, or cleaned up his machine if it had been hijacked.
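The exchange described above at a single hop, as an added sketch that is not part of the original paper: the request, the approval sent to the nominal sender, the address count check, the per-address charge and the daily limit. The class, method and status names are assumptions, the credit rating is modelled as a prepaid balance, and the daily limit is counted in addresses for simplicity.

```python
import secrets

FEE_CENTS = 5  # the page's nominal charge per address

class Relay:
    """Receiving side of one hop; names and data layout are assumptions."""
    def __init__(self, credit_cents, daily_limit):
        self.credit = dict(credit_cents)  # sender -> balance in cents (stands in for credit rating)
        self.limit = dict(daily_limit)    # sender -> addresses allowed per day
        self.sent_today = {}              # sender -> addresses accepted today
        self.pending = {}                 # approval number -> (sender, authorised count)
        self.mailboxes = {}               # address -> approvals delivered to it

    def request(self, nominal_sender, request_no, n_addresses):
        # Step 1: the sender announces an e-mail with n_addresses recipients.
        used = self.sent_today.get(nominal_sender, 0)
        if used + n_addresses > self.limit.get(nominal_sender, 0):
            return "please-explain"       # over quota: nothing accepted until resolved
        if self.credit.get(nominal_sender, 0) < FEE_CENTS * n_addresses:
            return "refused"              # credit unsatisfactory
        approval_no = secrets.token_hex(8)
        self.pending[approval_no] = (nominal_sender, n_addresses)
        # Step 2: the approval goes to the nominal sender's address, so a forger never sees it.
        self.mailboxes.setdefault(nominal_sender, []).append((request_no, approval_no))
        return "approval-sent"

    def deliver(self, approval_no, recipients):
        # Steps 3-4: accept the e-mail, count its addresses, charge the sender.
        entry = self.pending.pop(approval_no, None)
        if entry is None:
            return "rejected: unknown approval number"
        sender, authorised = entry
        if len(recipients) != authorised:
            return "rejected: address count mismatch"
        self.credit[sender] -= FEE_CENTS * authorised
        self.sent_today[sender] = self.sent_today.get(sender, 0) + authorised
        return "accepted"

def run_demo():
    alice = "alice@example.org"           # constructed sample account
    relay = Relay({alice: 100}, {alice: 30})
    relay.request(alice, "req-1", 3)      # honest sender reads approval from her own mailbox
    _, approval = relay.mailboxes[alice][-1]
    honest = relay.deliver(approval, ["a@x.example", "b@x.example", "c@x.example"])
    relay.request(alice, "req-2", 2)      # forger names alice; approval lands in her mailbox
    forged = relay.deliver("guessed-number", ["v1@x.example", "v2@x.example"])
    burst = relay.request(alice, "req-3", 500)  # hijacked machine exceeds the daily quota
    return honest, forged, burst, relay.credit[alice]
```

In the forged case the approval for `req-2` sits unused in the nominal sender's mailbox and no charge is made, which is the property the paper relies on to make a faked sender address useless.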

The protocol would probably put an end to the free e-mail accounts provided by Hotmail and similar organisations, but it is not obvious that this would be any loss.


Roger Riordan. 24.2.2004
 © Roger Riordan 2004-2019

Proposed Anti_spam Protocol