Yesterday the company email server was restored, but it requires a temporary bypass of our external spam filter. When I connected this morning, my inbox was full of spam. This is an unfortunate consequence of my address being visible in the public technical documents of the W3C and other locations on the Web. Anyone who works for such international standards bodies must suffer this problem. Our email addresses are routinely confirmed every time we post to one of the many public mailing lists that deal with our specific standards and related issues.

With the temporary absence of the external spam filter, I am receiving much more than I would normally receive. Some of the spam is incredibly outrageous. And that’s just from reading the Subject headers.

Sadly there’s no way to stop this spam. There is no way I can tell the senders that every unsolicited message is immediately deleted.

Filters are not foolproof either. For example, under normal circumstances there are four filtering processes applied to my incoming email:

  1. An external third-party filter prevents most UCE (unsolicited commercial email) from arriving at our server. This system uses a combination of pattern matching and black/white lists.
  2. My email client has a built-in Junk E-mail trap that is regularly updated by the vendor.
  3. A plug-in for my client applies a Bayesian filter to any remaining messages, using a word-based analysis of previous good/bad filtering decisions.
  4. The few remaining spam messages are filtered by me, manually, upon inspection of the Subject headers, which in turn helps to improve my Bayesian filter.

It’s a lot of work to avoid the mountains of unpleasant spam. But here’s an idea I wish we could employ: financial punishment. It works like this…

Whenever you email me, you receive an automated response that requires you to pay a small fee, let’s say $1, to permit your email to be delivered. Then, when I read your email, your money is refunded. If, however, I read your email and decide it is spam, I close the message via a “punish” button, and you don’t get your refund. Similarly, if I don’t read your email within a month, you don’t get a refund. The automated payment mechanism can be built into the email clients so that users see no difference in the way email is operating. You just top up a reservoir of funds to enable your emails to be sent, and so long as your recipients are not seeing you as a spammer, it costs you nothing!

In general, genuine email costs the sender nothing extra. Only the spammers are affected. They can’t send spam because it will cost them real money, unlike today where they can send millions of messages for next to nothing.

Of course, the hole in this plan is that a trojan/virus could get hold of your email client application and use it (and your money) to send spam. That’s the one flaw I haven’t figured out yet.
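
The refund and forfeit rules described above can be modelled as a small ledger. This is an added example, not part of the original post; the class and method names, amounts in cents, and reading "a month" as 30 days are assumptions. Note that `send()` debits whoever drives the client, which is exactly the trojan flaw mentioned above.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta

BOND = 100                         # the post's $1 fee, in cents
READ_WINDOW = timedelta(days=30)   # assumption: "a month" taken as 30 days

@dataclass
class Message:
    sender: str
    sent_at: datetime
    state: str = "held"            # held -> refunded | forfeited

@dataclass
class BondLedger:
    reservoir: dict = field(default_factory=dict)  # sender -> prepaid cents
    forfeited: int = 0                             # bonds senders did not get back
    messages: list = field(default_factory=list)

    def top_up(self, sender, cents):
        self.reservoir[sender] = self.reservoir.get(sender, 0) + cents

    def send(self, sender, now):
        """Hold one bond; return the Message, or None if funds are short."""
        if self.reservoir.get(sender, 0) < BOND:
            return None
        self.reservoir[sender] -= BOND
        msg = Message(sender, now)
        self.messages.append(msg)
        return msg

    def expire(self, now):
        """Forfeit every bond whose message sat unread past the window."""
        for msg in self.messages:
            if msg.state == "held" and now - msg.sent_at > READ_WINDOW:
                msg.state = "forfeited"
                self.forfeited += BOND

    def close(self, msg, now, punish=False):
        """Recipient closes a message: refund unless punished or too late."""
        self.expire(now)
        if msg.state != "held":
            return msg.state
        if punish:
            msg.state = "forfeited"
            self.forfeited += BOND
        else:
            msg.state = "refunded"
            self.reservoir[msg.sender] += BOND
        return msg.state
```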
