![[info]](http://l-stat.livejournal.com/img/userinfo.gif?v=92.1){kind=small}
Dear Mr. Gates,
I read in my morning news that you are claiming that Microsoft will give us a spam-free Internet by 2006. You're nothing if not ambitious, Mr Gates. However, what you're proposing is a Final Ultimate Solution to the Spam Problem (FUSSP). Speaking at the World Economic Forum, you outlined three potential technologies, which would force senders not in a person's address book to prove they're not spam.
http://www.miami.com/mld/miamiherald/ne
Your first approach is called "Challenge-Response", and is as evil, bad and wrong as spam itself. What's worse is that your proposed approach to C/R requires human interaction. There are many important email systems that will simply break if you do that. Meanwhile, spammers will learn to create spam crafted to look like responses to challenges, which (if your system is to work) MUST be let through. Finally, many of these "puzzle" challenges actually fall QUICKLY to machine-learning algorithms (and quite simple ones at that). Challenge-Response will not slow a spammer down one bit.
See: http://www.freedom-to-tinker.com/archiv
Also: http://tardigrade.net/challengeresp
and: http://static.samspade.org/spamarrest.h
finally: http://www.politechbot.com/p-04746.h
Your second approach is called "Hash-Cash". First and largest problem with this is adoption. Enough people have to adopt the system in order for it to have any effect. Another problem with hash-cash systems is that they quickly fall prey to "Moore's Law Inflation". The price of the computation must double every 18 months to keep up with increased processor speeds. This penalizes users of older systems, and causes the "price" of email to skyrocket with each new generation of processor. Hash-Cash adds overhead to all email. End-users will want to avoid paying out in hash-cash, and so a simple method of avoiding hash-cash needs to exists. This will become a loophole which spammers will exploit. Hash-Cash will not slow a spammer down one bit
Your third approach is called "e-postage". There are plenty of e-postage proposals out there. All of them are evil, bad, and wrong. Most of the e-postage schemes involve huge infrastructure changes to manage the micropayments. Micropayments have proven unpopular with end-users. End-users will want a way to AVOID making micropayments, that is simple and transparent. Infrastructure costs will make RECIEVING micropayments unpopular as well. In the end, the simple and transparent method for avoiding them will be exploited by spammers. E-postage will not slow a spammer down one bit.
http://www.unicom.com/chrome/a/000263.h
http://www.interesting-people.org/archi
In the end all three systems start with, and devolve into, simple whitelists. If whitelists were any good at all, everyone would use them. However, whitelists break email's core functionality, and so most people don't want them.
Mr. Gates, it is good that after eight years you are finally paying some attention to the problem of spam. However, your ideas, and those being pursued by your company will not result in one iota of spam not being sent, nor will it inevitably end all spam by your deadline of 2006. All of them have been around the block many times in the past eight years, and if they were any good, we'd be using them already.
