How to eliminate e-mail spam from the world entirely in two easy steps

Spam represents more than 95% of the e-mail sent to the company where I work. On my personal Gmail account, my spam folder reflects the same experience: The daily volume there is approximately 20 times that of the legitimate mail sent directly to me.

Spam filtering, a dismal experience as recently as five years ago, is now relatively successful. Gmail’s filters are top notch, and the corporate filtering solutions we use are also excellent. However, both false negatives (spam not detected) and false positives (legitimate mail caught as spam, which I may not see for weeks if ever) are fairly common occurrences. I personally experience each of those at least once a week.

Simultaneously, not enough people seem to recognize how insecure e-mail is. I commonly see people sending passwords and credit card data via e-mail, because they apparently don’t realize that e-mail is exactly as secure as a snail-mail postcard (which is to say: not secure at all).

I first used e-mail in 1986, when I received an account for an undergraduate computer science class at U.C. Berkeley. It was my first experience with the internet. This was long before the web, of course, and the internet back then was a text-only environment that consisted mostly of news discussions (Usenet), file transfers (ftp), chat (irc), and e-mail. Back then, e-mail addresses didn’t resemble the ones we use today — there was no simple @ address. Instead you had to use a so-called bang path, telling people your account name and a list of machines that would have to be contacted one by one in order to reach the machine that had your account. So for me in that undergraduate class, it was something like mit!uunet!ucbvax!zooey!estephen. The process was error-prone and unreliable. But it was explicit about how many different machines would have to pass along your e-mail from one to another. (Sometimes a machine would not be able to deliver an e-mail until later that night; an average e-mail took 1-5 days to deliver from one end of the country to the other.) It wasn’t long before the modern @ style addresses came in, and you no longer had to tell your e-mail a long list of machines in a chain that had to be reached.

Anyone who used e-mail during that time knew first-hand that the root administrators could read every single piece of e-mail that went through their machine. Fewer people today seem to know that the same is still true now. Certain Google employees can read e-mail on your Gmail account (same for Microsoft and Yahoo and their e-mail services). Your employer can certainly read your corporate e-mail. Certain AT&T employees can read all e-mail going through their backbones. Any kid with a packet sniffer can read e-mail you send from your laptop at Starbucks.

I want to say that e-mail has come a long way since my undergraduate days, but of course it hasn’t. Other than the dubious additions of text formatting (Yowza!) and attachments, the last 25 years of e-mail improvements have been minimal. Our vulnerability to spam and scams — as well as the insecurity of what we send — are proof of that. The best improvement has been the growth of free web-based mail services, especially the UI innovations of Gmail itself.

Encrypted e-mail (e.g., PGP) has been around for at least 20 years. But it’s suffered from a long-standing chicken-and-egg problem: people don’t use it because no one else is using it.

But let’s suppose that Google took the lead. Let’s suppose they changed Gmail so that the next time you logged in, you were required to create a PGP key. You were then guided through the process of storing, verifying and exchanging keys with your friends, family and frequent e-mail contacts. All of your banks and large companies would be on board as well. And starting with any e-mails sent from one Gmail account to another, 100% of the e-mails sent were encrypted and signed. There would be pressure on Hotmail, Yahoo mail and other mailing services to follow suit.

That’s step one.

Step two would be an option (completely up to you whether to enable it) to put any non-encrypted or unverified e-mail sent to you into an “Unverified Junk and Crap and Scams” folder. Over time, that folder would need to be used less and less, and the false negative spam and scams would collect there. Soon people would ignore it entirely, and only read the e-mail that was proven to be from who it was supposed to be from.

Pressure would mount for everyone to jump onto the PGP bandwagon if they actually wanted their e-mail to be received.

As a consequence: Spam would virtually disappear.

And you could send private information with a sense of security. (Not absolute security, of course, since there’s always the possibility of break-ins or the person on the other end not being able to keep your private information private.)

I want to live in that world. Let’s say goodbye to phishing e-mails purportedly from your bank, deposed Nigerian dictators looking for a little help transferring a quintillion dollars, and endless pitches for natural viagra. Let’s bring e-mail into a new era of security and reliability.

8 Responses to “How to eliminate e-mail spam from the world entirely in two easy steps”

  1. Otto Says:

    your post advocates a

    (x) technical
    ( ) legislative
    (x) market-based
    ( ) vigilante

    approach to fighting spam. your idea will not work. here is why it won’t work. (one or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

    ( ) spammers can easily use it to harvest email addresses
    (x) mailing lists and other legitimate email uses would be affected
    ( ) no one will be able to find the guy or collect the money
    ( ) it is defenseless against brute force attacks
    (x) it will stop spam for two weeks and then we’ll be stuck with it
    (x) users of email will not put up with it
    (x) microsoft will not put up with it
    (x) the police will not put up with it
    ( ) requires too much cooperation from spammers
    ( ) requires immediate total cooperation from everybody at once
    (x) many email users cannot afford to lose business or alienate potential employers
    ( ) spammers don’t care about invalid addresses in their lists
    ( ) anyone could anonymously destroy anyone else’s career or business

    specifically, your plan fails to account for

    ( ) laws expressly prohibiting it
    (x) lack of centrally controlling authority for email
    ( ) open relays in foreign countries
    ( ) ease of searching tiny alphanumeric address space of all email addresses
    (x) asshats
    (x) jurisdictional problems
    ( ) unpopularity of weird new taxes
    ( ) public reluctance to accept weird new forms of money
    (x) huge existing software investment in smtp
    ( ) susceptibility of protocols other than smtp to attack
    ( ) willingness of users to install os patches received by email
    ( ) armies of worm riddled broadband-connected windows boxes
    (x) eternal arms race involved in all filtering approaches
    (x) extreme profitability of spam
    ( ) joe jobs and/or identity theft
    ( ) technically illiterate politicians
    ( ) extreme stupidity on the part of people who do business with spammers
    ( ) dishonesty on the part of spammers themselves
    (x) bandwidth costs that are unaffected by client filtering
    (x) outlook

    and the following philosophical objections may also apply:

    ( ) ideas similar to yours are easy to come up with, yet none have ever been shown practical
    ( ) any scheme based on opt-out is unacceptable
    ( ) smtp headers should not be the subject of legislation
    ( ) blacklists suck
    (x) whitelists suck
    ( ) we should be able to talk about viagra without being censored
    ( ) countermeasures should not involve wire fraud or credit card fraud
    ( ) countermeasures should not involve sabotage of public networks
    (x) countermeasures must work if phased in gradually
    ( ) sending email should be free
    ( ) why should we have to trust you and your servers?
    ( ) incompatiblity with open source or open source licenses
    ( ) feel-good measures do nothing to solve the problem
    ( ) temporary/one-time email addresses are cumbersome
    ( ) i don’t want the government reading my email
    (x) killing them that way is not slow and painful enough

    furthermore, this is what i think about you:

    (x) sorry dude, but i don’t think it would work.
    ( ) this is a stupid idea, and you’re a stupid person for suggesting it.
    ( ) nice try, assh0le! i’m going to find out where you live and burn your house down!

  2. Stephen Says:

    Well done, Otto. Did you write that form list, or has it been around for a long time?

  3. Lex Aleksandre Says:

    Once I knew Linux systems I started to use encrypted email. But after some time, and seeing that nobody else used it, I dropped it. It is a shame because this is a good idea.

  4. Otto Says:

    Stephen: That form has been around for years, mostly used on slashdot whenever somebody claimed to have a solution to the spam problem.

  5. Paul Westbrook Says:

    I think that DomainKeys is currently the best solution. With DomainKeys, ISPs and companies can sign email messages when they are sent. Google is doing it for messages, and Google Apps administrators can configure that mail is signed for their domain.

    Now, mail clients could initially show that a received message is signed. Once a large enough percentage of received mail is signed, you could configure your client to only receive signed mail.

    I like this solution more than PGP, as it doesn’t require each user to configure a key pair, or require that the public key is shared beforehand.
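
The client-side policy from step two of the post, applied to the domain-level signing described in the comment above, as an added example that is not part of the original post or comments. It assumes the receiving server records DKIM results in an `Authentication-Results` header; the authserv-id `mx.example.net`, the folder names and the sample messages are constructed for illustration. It answers only "was this signed by the sender's domain?", not "was this from a particular person?".

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: authserv-id stamped by our own receiving MTA, which also strips
# inbound headers that already claim this id.
TRUSTED_AUTHSERV = "mx.example.net"

def dkim_pass_domains(msg, trusted=TRUSTED_AUTHSERV):
    """Signing domains reported as dkim=pass by our own MTA only."""
    domains = set()
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, results = value.partition(";")
        ident = authserv.split()
        if not ident or ident[0].lower() != trusted:
            continue  # written by another host: senders can forge this header
        for clause in results.split(";"):
            passed = re.match(r"\s*dkim\s*=\s*pass\b", clause, re.I)
            signer = re.search(r"\bheader\.d\s*=\s*([\w.-]+)", clause, re.I)
            if passed and signer:
                domains.add(signer.group(1).lower().rstrip("."))
    return domains

def route(raw_message):
    """Return the folder for a message: 'Inbox' or 'Unverified'."""
    msg = message_from_string(raw_message)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    # A pass only counts if the signing domain matches the visible From domain.
    aligned = any(from_domain == d or from_domain.endswith("." + d)
                  for d in dkim_pass_domains(msg))
    return "Inbox" if from_domain and aligned else "Unverified"

# Constructed sample messages (not real traffic).
SAMPLES = {
    "signed": "Authentication-Results: mx.example.net; dkim=pass header.d=bank.example\n"
              "From: Alerts <alerts@bank.example>\n\nStatement ready.\n",
    "forged_header": "Authentication-Results: relay.other.example; dkim=pass header.d=bank.example\n"
                     "From: Alerts <alerts@bank.example>\n\nVerify your account.\n",
    "unaligned": "Authentication-Results: mx.example.net; dkim=pass header.d=bulk.example\n"
                 "From: Alerts <alerts@bank.example>\n\nVerify your account.\n",
    "unsigned": "Authentication-Results: mx.example.net; dkim=none\n"
                "From: someone@unsigned.example\n\nHello.\n",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:14} -> {route(raw)}")
```
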

  6. Stephen Says:

    Paul, I like that at the domain level, but we really need something that works at the individual user level too (e.g., “Was this e-mail really from Paul?”).

  7. Duane Gordon Says:

    True, having something that works on an individual level as well is really important. And of course hoping for a more secure email system is always on the back of every business’ mind.

  8. Rogelio Spehar Says:

    Remind people that profit will be the distinction between revenue and expense. This makes you peer smart.
    Failure doesn’t suggest you’re a failure; it simply means you have not succeeded yet.
