Old and new ways of combatting spam — both from Microsoft

Old and new ways of combatting spam — both from Microsoft

First, the old-fashioned way. Earlier this month Microsoft and the New York attorney general went after a sprawling e-mail spam ring, saying they hoped to drive it into bankruptcy by exposing what they called its schemes of deception. The company and Attorney General Eliot Spitzer filed joint lawsuits in Manhattan against members of the ring, which they said has sent billions of unwanted and illegal e-mail messages.

Beyond simply being annoying and jamming e-mail inboxes, Spitzer and Microsoft officials said the spammers have repeatedly broken the law by deceiving consumers. “Deceptive and illegal spam, like the kind we’re attacking today, is overwhelming legitimate e-mail and threatening the promise and potential of the Internet for all of us,” Microsoft lawyer Brad Smith said.

Now comes an interesting idea — this time from Microsoft Research (a formidable outfit IMHO), which seeks to make the spammer pay for email in a way that doesn’t cripple legit users. According to this BBC report, “The basic idea is that we are trying to shift the equation to make it possible and necessary for a sender to ‘pay’ for e-mail,” explained Ted Wobber of the Microsoft Research group (MSR).

The payment is not made in the currency of money, but in the memory and the computer power required to work out cryptographic puzzles. “For any piece of e-mail I send, it will take a small amount computing power of about 10 to 20 seconds.”

It would work like this: Before an email program accepts a piece of email from an unknown sender, it sends the dispatching machine a small cryptographic puzzle to solve. If it solves it, then the recipient accepts the message.

“If I don’t know you, I have to prove to you that I have spent a little bit of time in resources to send you that e-mail. “When you see that proof, you treat that message with more priority.” Once senders have proved they have solved the required “puzzle”, they can be added to a “safe list” of senders. It means the spammer’s machine is slowed down, but legitimate e-mailers do not notice any delays.

Mr Wobber and his group calculated that if there are 80,000 seconds in a day, a computational “price” of a 10-second levy would mean spammers would only be able to send about 8,000 messages a day, at most.

In a nice touch, the Microsoft research project which led to these ideas is called The Penny Black Project — after the 1830s idea of making the sender rather than the recipient pay for mail that led to the formation of the British postal system.

Full marks for ingenuity, less for practicality, alas. For this to work, it would have to become a universal email standard — and one that was not owned by, er, Microsoft. Shame.