Brad Templeton Home

Brad Ideas
(My Blog)




Jokes / RHF

Photo Pages

Panoramic Photos

SF Publishing


Articles & Essays



The Book




RHF Home

Ty Templeton Home

Stig's Inferno

Copyright Myths

Emily Postnews


World Heritage Sites

Burning Man

Phone Booth

Alice Pascal

The Rules for Guys

Bill Gates

Contact Me



One common proposal to deal with the problem of unsolicited mass E-mail, also known as SPAM is to set up a payment structure for E-mail.

I first started thinking about this at the very start of the spam problem, (around 1995) as an interesting technical solution that hits at one of the root causes of spam. I leave it up here since it was my first idea in the quest for a solution to spam. I may have been the first to think of it, but many have also come up with the same idea independently, based on the thought that if you can make even a small negative cost to spam, the problem would go away.

However, I have since abandoned and now even oppose the idea for a variety of reasons. These include the total failure of the several serious attempts to build an online money "micropayment" system or other such infrastructure, and the almost impossible problems raised by any solution that needs new software at both sender and recipient. There are also free speech concerns. As such, it remains an academic exercise.

Spam has arisen because E-mail is very cheap, and thus bulk mail is very cheap. Some assume it's because the cost is shared, with the sender and recipient both picking up their half of the cost of the connection, but the truth is that even if the sender had to pay both ends, E-mail is still very cheap -- it was designed that way.

Some people want laws to punish some types of E-mail, but even the best of those laws would not do much about Spam coming from outside the country. There will always be countries that don't have or enforce such laws, and short of the totally unacceptable course of cutting nations of the net, there is no legal solution to the problem.

There is a system which can solve the SPAM problem and does not take the questionable step of allowing governments to regulate E-mail. However, it is complex and would take time to implement. Whether it's worth it is hard to decide, but it's best to begin by understanding how it might work.

In a pure E-stamp system, each piece of E-mail would come with a "stamp" -- a string of bytes representing a small amount of money. In this case, however, the stamp would not represent money paid to the electronic "post office" (internet providers) but the potential payment of money from the sender of a message to the recipient. Money intended to compensate for the burden (both in cost and in time) of receiving an unwanted E-mail.

We get Spam because E-mail is so cheap that there are no checks and balances on sending out immense quantities. Many abusers send out millions of messages without any concern for the net pollution this causes because it costs them only a small sum.

(You'll read below that the stamps would actually be a rarely used system, though still necessary.)

Other media, like postal mail have a cost associated with each message. There is still junk mail, but the volume of it is far below that volume in E-mail. Indeed, if Spam ever got used by respectable companies the way paper junk-mail is used, the volume would be overwhelming.

Put in a cost structure and the problem goes away, or at least drops to a tolerable level. How do you do this?

Optional Redemption

The key to a workable system is making redemption of a stamp by the recipient optional, and in fact rare. Let's say Alice is sending E-mail to Bob. In its basic form, an E-stamp is in effect an electronic cheque like the following.

"Pay to the order of Bob, up to 32 cents authorized by the Bank of <mybank> -- signed, Alice."

That statement -- a legal cheque by the way -- is signed by Alice. Digitally signed, using highly secure digital signature algorithms based on public key cryptography. They assure, even better than the written signature on a bank cheque that the message, and cheque, came from her.

If the E-mail structure moves the way we expect it to, chances are that Alice's entire message is digitally signed to assure it came from her, unless she is using anonymous mail. If her message is already digitally signed, adding the E-stamp is actually pretty simple.

In such a system, Alice puts a stamp on every piece of E-mail she sends. And Bob refuses to take mail without E-stamps, at least not mail from strangers. If a stranger tries to mail Bob without a stamp, they get back a "bounce" telling them that they need to put a stamp on their mail (or follow certain other guidelines) to get mail through to Bob.

When Bob gets Alice's E-mail, he can, with a click of his mouse, forward the stamp along to his bank for redemption. Click, and the 32 cents (or whatever) is moved to his account. However, since this is a system to stop abuse, Bob actually won't do this unless Alice's mail was the sort of mail he is trying to stop.

So in fact, if Alice is an ordinary person, and not a junk mailer, most or all of her stamps expire unredeemed. She doesn't actually pay any money to send mail, except perhaps some monthly fees to her electronic bank to participate in the digital money system. It may come as part of the service of any digital bank.

If Bob does redeem her stamp, Alice's computer will hear of it. She's out a small sum, and next time she mails Bob, her computer might remind her that Bob redeems stamps on ordinary mail. Rude of him -- and she may decide not to bother mailing him.

Assuming this sort of social system is set up, people will rarely redeem stamps. Except when they get mail that abuses their mailbox -- like junk E-mail. Those sending out a junk E-mail to 100,000 people may find most of them redeeming the stamps, and the mailing now costs $10,000 instead of $200.

For the odd people who redeem just to be rude, the cost will be low enough to not be a major concern.

What is a stamp?

An E-stamp starts with a special digital token issued by some sort of digital money bank. Each token is unique, and digital signatures from the bank assure that. Each one also expires within a short period. A minimum of two days perhaps, but set by the user to typically a week. During that week the money is "on hold." In the basic form, each one also identifies the buyer, so any attempt to use the same stamp twice runs a high risk of getting caught. There's no reason these stamps would not be viewed as cheques under the law -- and there are serious penalties for deliberately writing bad cheques.

(There are a few ways one could design this to make it actually impossible to use the same stamp twice by passing a version of the message [known as a 'hash'] through the bank with every mailing. However, this has some costs that make it unreasonable for most E-mail. More on this later.)

The bank issues the stamp if it feels you are good for the money. That's between the bank and you. If you feel you might mail 50 messages over the expire time on the stamps, you would only need to have $16 on deposit at the bank. That's on deposit, not spent. You only actually pay the money if somebody redeems your stamps. And since stamps will actually sent quite rarely, having as little as a few bucks on deposit might be enough. If you run out, you can always get more -- you only get in advance what you need to use before your next connection to the bank.

A company wanting to do a bulk mailing of 10,000 pieces would need to have $3,200 on deposit, or a line of credit to that amount. If people liked their mailing, the money would not be debited.

Every so often, your bank would send you, in a mail message of their own, enough stamps to handle your likely maximum needs. As long as you had the credit with them, there is no problem. The stamps expire in some short time, such as a week, so you need a new supply at least that often. Your mailer program knows to take them and put them in each outgoing E-mail. (The expiry date is up to you, with the only restriction being that you could not use a stamp that was due to expire in under a day, to give the other person a chance to redeem it.)

If you run out, you can ask the bank for more live over the internet, if you have the money. And we're literally talking tens of dollars here, so this is not a burden. All but the very poorest people might just pick up 100 stamps each week so that they never run out. This is very easy and cheap for the bank to do.

Every piece of mail

Now that I've described the basics of E-stamps, I'm going to say that you actually wouldn't need to use them very often. That's because most people would configure their mail program take mail from people they trust without any stamp, or with a "personally issued" money-less stamp. You don't have to be a bank to issue a stamp that you yourself will validate. A "bank" is really just somebody that a stranger can use to mail another stranger -- somebody both parties will know.

So if Bob mailed Alice, and Alice is replying to that message, Bob's computer can know that and won't demand a stamp on the reply. The vast majority of E-mail is actually replies. In fact, if Alice and Bob work for the same company or are on the same site with secure E-mail, they don't need stamps. In fact, if Alice and Bob have ever corresponded in the past and have reason to trust one another not to abuse E-mail, they don't need stamps.

The only mail that turns out to need a stamp is the first time mail from somebody you don't know. Only then is the stamp needed as a statement of good faith. And that's actually pretty rare. How often do you mail a total stranger? Generally not very often. Usually it happens when you reply to a posting in a public forum, or mail an address given on a web page, or initiate mail after meeting some other way, or get a referral from a friend. For most people, just a few times a day. And that means the number of stamps needed -- and the cost of the stamp system -- remains pretty low.

Of course a junk mailer mails thousands of people to whom he is a stranger. But that's who we are trying to curtail.

Site Based Stamps

The system can be made even easier to implement if sites, rather than users, take on the responsibility of putting stamps on mail. IBM, for example, is probably willing to take responsibility, on behalf of its employees, to stamp their mail or certify them as non-abusers.

A site like AOL might not do that for freshly signed-up "free trial" accounts but might be happy to handle the procedure for established accounts with good credit and history, billing their credit cards for anything redeemed. That means nobody at a big site even needs to install any new client software.

Money-less Stamps

In fact many people need not have a stamp at all. All they really need is a certificate from somebody who is widely trusted that says that they have sworn to act under ethical standards in using E-mail; in particular not to use it as a bulk advertising medium against the will of the recipients.

Most people can swear that easily. And Bob is probably willing to accept mail from somebody who has made that affirmation, and can be held accountable if they break that promise.

So why would we even need the stamps at all? First of all, there might be people who can't make that promise -- not just junk E-mailers but corporate bulk mailers doing more respectable mailings, such as newsletters for their customers.

And secondly, we must protect the right to send mail without giving our identity.

Anonymous mail

Sometimes we need to communicate without revealing who we are. Not just if we're whistleblowing on a lawbreaking employer or publishing a criticism of government policy. Sometimes just to protect our privacy, because the other party has no right to know. "If you have nothing to hide, what are you afraid of?" is one of the greatest fallacies advocated by the regimented society.

Of course, anonymity can be abused -- to harass, commit offenses and disturb the net -- even to send Spam. E-stamps can strike the balance when it comes to E-mail.

You see, one can design E-stamps that don't contain the identity of the sender. There are a few ways this can happen. They provide different levels of identity protection, with different risks.

E-mail address is not your true name

Large numbers of people use E-mail that is not under their true name. The E-mail address is just one form of identity. But it's all that is needed for E-mail. A stamp is issued to an E-mail address, not a person, though the bank usually wants to know who the person is in order to deal with them if they try to re-use stamps or pass bad ones.

The most common forms of identity hiding simply rely on a "Swiss bank" of sorts, that knows who you are but doesn't reveal that in its stamps, just the e-mail address you have. The party that provides your E-mail has to protect you as well -- and they might also be your bank for that matter.

That's actually been the most common method of typical anonymous communication to the public, when people write under a pen name or act as an "unnamed source" to a reporter. Many people trust it, but it's always possible that a court order, or break-in, can get your identity extracted.

Numbered Account Swiss Bank

It's also possible to set up a party that acts as a stamp bank but doesn't know who you are. It only knows the secret pass-number you gave it. You contact it, when you choose, to do transactions.

The disadvantage to this is that bank will actually insist that the money to cover the cost of E-stamps be on deposit. They may never see you again. In addition, you must route your anonymous mail through the bank or some similar party, because they must have a system to stop you from using the same E-stamp twice. In this latter case, the E-stamp is generated and bound to the "hash" of your E-mail. (A hash is a number unique to your message, but doesn't let the bank actually read your message.)

You don't actually have to have the money on deposit, but when you route a message through the "bank" you need to offer the money as digital cash.

Truly Anonymous

David Chaum of Digicash developed a means to provide truly anonymous digital cash that could be used for E-stamps. Currently this system is patented.

I won't explain the details here. However, the one downside is that with true anonymity, you can't easily get information back on who redeemed your stamps. So you will be risking the money every time you make an anonymous mailing to a stranger. If the cost is low this is not much of a burden.

Mailing lists

One large question concerns legitimate mailing lists. They are often run as hobbies. The sender can't afford to put a stamp on every mail sent out to a list subscriber.

There are a couple of answers. The simplest is that you don't require stamps from mailing lists that you join. You either tell your own mail tools about the list when you join, or, alternately when you subscribe you pass along a private stamp of your own for the list owner to use in mailing you. With digital signature technology, this can be a string usable only by that list, so it can't be stolen and used by others. (Digital signature technology in general stops stamps from being stolen by others.) It can also just be a special E-mail alias you use only in subscribing to the list and don't reveal elsewhere. This address doesn't check for stamps.

Another way, similar in some ways to the first, is that when you subscribe to a list, you send a special.stamp that doesn't expire. The list owner keeps it. Then, if you are ever so rude as to redeem a stamp on a list message, the list owner redeems your never-expire stamp and takes you off the list, and it comes out even, or actually negative for you because the never-expire stamp equals a whole day's volume of single message stamps.

But frankly the simplest scheme is to improve the mailing list subscription mechanisms so that when you subscribe to a list, your mailer knows about it and just lets that mail in.

Mail to the list of course still needs its own protection. That can either be simply by only allowing submissions from list members (which many lists do today, though not with the protection of digital signature) or requiring stamps to the list owner (not to the list members.) Lists have to protect themselves from junk e-mail in other ways, including pre-screening of messages that don't come from list members and so on. Many lists do this already.

Lists may also just use a very high stamp value. A list owner who redeemed such a stamp from an ordinary submitter might well not get many more submissions.

No Government

You will notice that none of this involves the government, other than by invoking the already existing laws about writing bad cheques. In fact it's one of the few anti-abuse techniques that doesn't need any government, and that's good because other laws can't stop abuse from outside their jurisdiction, and this system can.

All of this depends on a right you already have -- the power to control your mailbox and who is allowed to send mail to it. Today may people exercise this power using the unverified "From" address that comes on all mail. Digital signature technologies make that address 100% reliable, and thus more useful in controlling who can send you mail.

You can limit your mailbox today. The concept of E-stamps and other uses of digital signature are actually proposed so that people don't have to limit their mailboxes very much at all to stop the junk E-mail problem. It's easy to say "I will only accept mail digitally signed by people I know" and the technology for that is actually available now.

You want a way to get mail from strangers too, without opening up your mailbox to abuse by those strangers. Stamps, and certificates of having sworn to ethical E-mail behavior are two ways to do that. The stamp system doesn't require people to use digital signatures. It simply enables mailbox owners to say, "If you want to mail me, and I don't know you, you need to have a digital signature."

In effect, the stamp becomes an overture of good faith. "You don't know me, and in order to convince you to accept my E-mail, here is a token of my good faith that you can redeem if you feel in the end that I have abused your mailbox."

The stamp is in a way an old-fashioned letter of introduction, or a desired and legitimate bribe.

And it avoids the government regulating who we can E-mail, and about what. Instead, it puts the choice into individual hands.

More Logistics

Fully formed, the stamp system is complex. It requires a new generation of mailing tools. But new generations of mailing tools come about every year or two these days. It's a fast moving world.

Properly implemented, the sender doesn't even see the system once it is configured. It's all automatic -- the arrival of new stamps from the bank, the sending of them on mail to unknowns, etc.

For the receiver, there is just an extra button to click after reading a mail, marked redeem. The system does the rest.

There can be many banks and many stamp technologies, as long as there is one simple way to confirm a stamp is valid. You don't have to redeem a stamp with the bank who issued it. Like any cheque, you go to your own bank to redeem it, and it gathers them up and redeems for you from the issuing bank. That means that just like ordinary cheques, each person keeps a relationship with just one bank.

The system works most easily with non-anonymous mail, but in fact the vast majority of mail is non-anonymous. However, the nice thing about this system is it allows anonymous mail while providing an inherent limit on the abuse.

It should be noted that when I write "non-anonymous" I don't mean "identified." I simply mean "replyable" with some path of accountability. It is not mandated that I send mail under my real name in such a system. I can send it as any made-up E-mail address. When I talk about allowing mail in from people you "know," that doesn't mean knowing their true name. It means knowing a name, and allowing mail in from that name.

How would this all be implemented? It would start first with the creation, already underway, of digital signature infrastructures and certificate systems. People then start signing their mail with a digital signature. The protocols for this are already in place and some mailers already implement them.

As noted, that system, once widespread, lets you identify who is mailing you and quickly and reliably spot people you have corresponded with before.

Divert, not reject

Any technology of this sort, or any other filtering technology doesn't have to reject mail that doesn't fit its criteria. It can instead just divert it into "lower priority" channels or folders. That means you don't have to throw away mail that doesn't come with a stamp or signature, you just put it in a different queue, that you look at less often.

That queue of course is going to be mostly filled with junk E-mail today. Eventually it may get the point that the system is so widely adopted that you just throw away that queue. But the system does not have to be implemented "all or nothing." It can be adopted one user at a time.

Civil Rights Issues

Does this chill speech? In some small ways. Any technology that allows people to block speech will, of course, end up blocking some speech.

Fully open mailboxes with no restrictions means junk E-mail. This we know. The question is how we chill the junk E-mail and avoid chilling desired mail, including legitimate mail that solicits business between strangers. It's up to each individual person to decide what mail is desired and what isn't.

Some people would use this system to tune out all E-mail from strangers. This is their right. Some might require stamps of $10 each, effectively tuning out mail from all but the most eager (or wealthy) of strangers. That again is their right.

Examples of Transactions

You send mail to anybody. Your mail includes a small digital token in it -- perhaps encoded in the message-id, which is usually returned on replies -- which your software can recognize, because it's signed by you. To prevent it leaking out, it only works for mail from the specified user or for a limited time. When they reply, they use this token. Your mailer spots it and lets the mail through. All replies to your mail get back to you.

You send mail to somebody you know. It's digitally signed, either with your real identity if not anonymous, or an "digital pen name" that you use regularly but can't be traced back to you. If the person knows your identity, they remember the key you use to sign things. They will let it through.

You talk to a well known certifying firm, identify yourself and sign a pledge to follow a code of E-mail ethics, including no junk E-mail. They give you a special certificate, usable only for your identity. You include it when you mail. Others recognize it and let your mail through.

You think you know somebody but they don't recognize you. They bounce the mail in a special way, newly defined in protocols that says they insist on a stamp of a certain amount. Your system catches that and either adds the stamp, if you programmed it that way, or bounces the mail back to you.

You are sending mail to somebody you don't know and you know you need a stamp. You take one from your pool, adjust its parameters (amount of money, payee etc.) and sign it along with your message.

You want to send an anonymous message. Use a bank that handles these. You may elect to route through the bank, so they know who you are, or you may use totally anonymous communication. In the latter case, you may only get to know if your stamps that day were redeemed, not by who.

You get a message that annoys you. You save the stamp away. At the end of the day your system gathers all the ones you saved, and forwards them to your bank. Your bank verifies them and distributes them all to the banks that issued them. The money is credited to your account.

Almost no money involved

There's no reason, other than income for the banks, that the "first $10" of stamps for each person could not be free. And of course, the first $10 of redemptions not paid either. (Or the first $15 to make $5 of income for the bank if they are redeemed.)

In such a scheme you only have to pay in money if you start getting a lot of people who redeem your stamps -- ie. if you are a junk mailer. But ordinary people, sending ordinary mail, never getting redeemed, might find themselves never being involved with money at all. That free $10 might come every year, if such a plan worked out.

Lots of money involved

It's also entirely possible that junk E-mailers might accept the cost and pay it anyway. And many people, if they could make 32 cents (or whatever price they want to set that people will pay) for every piece of junk E-mail they receive, might be glad to do it. Some people have been proposing paying people to receive advertising. If people want it, this system could enable that.

Things to Remember

This is largely predicated on the arrival of two things -- a digital signature infrastructure with associated software tools in mail, and a digital money infrastructure including digital cash. Most people think this are almost certain to arrive soon, and without any involvement from the E-stamp concept.

Digital signature on E-mail does not mean signing all E-mail in blood. A digital signatures just assures that a messages came from the holder of a special magic number called the private key. At a minimum it lets you know two messages come from the same party, and it can also be used to allow you to know attributes about a party that were certified by some other trusted 3rd party.

Those attributes might include the person's "real identity" but they need not. They can be anything, from an E-mail address, to just a sex, to just an assurance that the trusted party thinks they are an honest person or that they signed a declaration of ethics over mail.

There is no requirement that the trusted third party be the government. Some people are pushing for that, but short of draconian law, it's up to you to decide who you trust. In this case the primary trusted third parties are digital money banks -- which don't have to be very big entities, and perhaps a network that allows banks to decide to trust one another. You would work with your choice of bank, and it would work out a system for deciding what other banks or networks of banks it trusts. You don't have to worry about that. You have one (or more banks) you trust and they do the rest.

More recent improvements to the concept

Many people keep independently proposing this idea, because it does at first blush have some clear merits. Here are some improvments that have arrived on the scene.

CPU Stamps

Instead of offering money, each mailing can include proof that some amount of computer CPU time was spent on that particular message. (This can be done by solving a problem that can only be solved by brute force related to the message.)

You then know the sender spent this CPU time. For ordinary mailers, 10 seconds of CPU time is cheap, but no bulk mailer can afford this for every message.

It's possible even to send back the "postage due" error with a Java applet that will do the CPU calculation on the sender's machine in the background. A minute later, after it figures out the number, it sends it back and the mail is delivered. Thus the sender needs only a Java enabled mailer, and simply reading the postage-due is enough to act on it and get the mail flowing.

Charity Stamps

Instead of optional redemption, some propose the money go to charity. It is hoped that this will make the demand for money for one's precious attention less of an affront. It also solves problems of people gaming or hacking the system, as they can't make money for themselves.

Combination with challenge/response and other systems.

If the user doesn't have stamping software they can respond to a challenge, known as a "turing test" that proves they are not a mailing program but a human being. Of course, if you have that, you don't need the stamps, unless the challenges become annoying enough that you want to bypass them in advance.

Reusable stamps

If stamps can be re-used, then mailing lists can put the same stamp on all copies of a mailing. With such stamps, if two users redeedmed the same stamp, this would raise the alarm, and the stamp would be cancelled, and a message sent out to allow people to refuse to accept it.

Reasons E-stamps won't work

The core concept behind e-stamps is good -- if there can be a small sending cost associated with e-mailing, the problem of spam does go away. At least the random spam by low-lifes that is ruining our mailboxes. More serious mailers with more finely tuned lists might well continue, since they are willing to spend 50 cents to a dollar to send direct mail pieces to large bodies.

There's no digital money infrastructure for small transactions

Many attempts to build a micropayment system have failed. The demand just isn't there yet. There are larger payment systems like PayPal, but their costs make it impractical to bill less than a couple of dollars with them. Payments like 25 cents are out of the question.

A better idea not involving money was developed

A number of people have suggested the idea of "CPU coins." One is HashCash. The idea is to require, with each E-mail, a large number that is unique to that E-mail but takes several seconds to compute on a modern CPU.

Cleverly, spare CPU is free for ordinary users so this is not much of a burden. However, a mass mailer would need to spend a lot of CPU to do their mailing. A million piece spam would require 4 million seconds of CPU with a 4-second calculation, or 47 machine-days. Suddenly it's not so cheap. Bump the CPU cost and you can get the level you want.

This solves the digital money problem, but still retains all the other troubles.

You can't demand the sender do much that is special

We're trying to stop spam, not all communication from strangers. In fact communication for strangers is a fundamental part of a free society. (More on that later.) If somebody unknown to you sends you a mail without an e-stamp, what are you going to do? You can put it in a different folder for later scanning, or bounce it back requesting the stamp be added.

That's a big request. It means the user has to either go through a complex process, and in the long-run, to avoid these bounces, has to get new mailing software or a plug-in for their existing one.

Alas, a good chunk of the mail from strangers is mail trying to do you a favour. For example, if you post a question on USENET or a web site, people might be mailing you the answer. They might see you have something in common and want to talk. They might really have something to help you. And yes, they might even legitimately have a product to help you. That can be a quasi-solicited commercial E-mail or even a UCE you wanted.

Point is, if they think they are doing you a favour, and you send back a bounce telling them to get new software and telling them to get an account at a digital bank and telling them to offer you money for the privilege of getting your mail read, then they will generally say an impolite phrase and decide if you're that hard to mail, they aren't doing you any favours.

Yes, if they desperately want to reach you, then they will do the work and offer the money. But think to yourself -- when you've mailed somebody new, has this always been the case? I know it isn't for me.

And so we cut off an important component of communication in society.

Innovation Killer

A requirement to include money (offer or otherwise) with E-mail can be a serious barrier to innovation. It requires that anybody who builds an application that sends E-mail, in particular web applications that send E-mail.

The apps must either spend money for email they send, or possibly have a means to allow users to put money in accounts that can be used to send mail. This also means apps must have a financial justification to exist.

Would we have seen products like Hotmail, GMail, or eVite if you had to include money with emails sent? Would social networking systems like Friendster or LinkedIn have been possible to do free? Could they have existed if they weren't free?

I'm building an application that sends E-mails on behalf of users to invite other people into phone calls. It includes a free version. Will I be able to let it be free? If so, what will pay for the fees.

Mailing lists have a problem

Almost all spam solutions do create a problem for mailing lists. In most cases, users must configure all mailing lists they subscribe to to allow them in. Mailing lists may also have to get new software to identify themselves to get past the filters. Not a great situation. Clearly running a list becomes harder. The list might demand an offer to post to the list, but it would have to be a very high offer, since a large list is still cost effective if you have to offer $1 and get to mail 5,000 people.

Worse are the millions of ad-hoc mailing lists out there. I have one myself. When I meet interesting people in the area, I put them on my social list. I invite them to parties, EFF events, tell them of new essays and photos I have put up on my web site. They can of course ask to be removed, and only one person ever has, since mails are infrequent. Some of the people I know well. Some are people I met briefly and exchanged cards with. Some are people I met at conferences and entered from the directory. A lot of people have lists like this, I know I am on many of them. Most people don't define this as spam (though the most zealous do). Since there are many people on my list, what do I do? Offer lots of cash to mail it? The list is too infrequent and has no mailing list software, and people are not aware they are on it until they get the first mail, so they can't pre-screen it.

At first, nobody will be doing it

Many systems have a chicken-and-egg problem, and only some overcome it. At the start, few people would be offering such stamps. That means you really can't reject all mail that doesn't come with them. In fact, you can't even do anything special to it. Only when a decent fraction of your desired mail has stamps will you be able to use the existence of the stamp to make a filtering decision.

But until people are doing that, what's the point of including the stamps? They are just a financial risk, or a CPU burden.

This applies to all systems that require the sender insert a special code. For example, another old idea of mine was to have a trademarked tag that approved senders could put in a header. Any spammer who put the tag in without permission could be sued. A friend has a new business trying to promote that idea, but it also has to overcome the chicken and egg problem. They are taking one useful approach which is putting a focus on legitimate bulk e-mailers, operators of large opt-in mailing lists.

These mailers are facing a lot of problems due to overzealous spam filters. The filters can't tell the opt-in mailings from unsolicited ones, and block real mail. That problem can be helped by tags on the mail, be they stamps, digital certificates or a trademarked or copyrighted string. But it's a minor improvement at best.

Unfortunately there is a trade-off that can't be reached. If you send out lots of "postage due" rejections to unknown mailers, you are sure to block legitimate mail and annoy honest folk just trying to do you a favour. If you send out very few, nobody is really incented to join the stamp system. I don't believe there is an intersecting number that is just right.

Virus vulnerability

If E-stamps are done with money instead of CPU coin, there becomes a giant incentive to write an E-mail virus that causes millions of people to E-mail a dummy offshore E-mail address, where you take the money and run. To fight this, it is necessary the payments be repudiable if there are a large number of complaints of this sort.

Unsolicited communication is free speech

This concept is a hard one for some to accept. In a free society you have the right and ability to just go up to somebody and talk to them. To call them up. They don't have the right to be protected by law from being annoyed by such overtures. (They do have the right to be protected from harassment when the unwanted overtures are deliberately repeated.)

This is a good thing. A free society flows on such communication. The problem is it's being abused by spammers. But the answer is not to throw the baby out with the bathwater, and lose the vital unsolicited one to one communications on the way to stopping the automated bulk mail abuses.

The internet runs entirely on private property, so we need not always care about things like constitutional guarantees of free speech. But is that a good thing or a bad thing? "The first amendment isn't just a law, it's a good idea" as I like to say. When we design our new systems of communications, the fact that we're doing it with private property and are not legally bound by such principles doesn't mean we should ignore our moral duty to them. If we believe we have such a duty -- and I do.

That doesn't mean we are hogtied when it comes to spam. It just means we must hunt hard to stop spam by the least restrictive means, protecting ordinary person to person communication (even if it dares to annoy and offend us) from limitation. Including false-positives in our spam tools that block or seriously impede legitimate E-mail.