The magnitude of this problem has led a number of influential thinkers to conclude that sending e-mail is simply too cheap. We won’t need fancy spam-blocking tools if spam stops being profitable. Reflect the true cost in the price of sending an e-mail and the market will eliminate spam. You may get more paper catalogs than you would like via postal mail, but your real-world mailbox isn’t flooded with paper advertisements for penis enlargement services because sending postal mail costs money. That cost weeds out the lowest form of spam better than any pattern-recognition software could ever hope to.
So what’s a fair price for sending mail? And how should that price be implemented? The Internet is a famously open system, designed to encourage the free flow of information. There is no easy way to convert all the mail servers in the world to a new pricing scheme, one that would accept currency or credit card numbers from every country on the planet. And even if we could implement such a payment system, we wouldn’t want to make sending mail unaffordable to the millions of nonspammers who have grown dependent on the medium. To that end, some have proposed a penny stamp tax on sending mail. Even if you’re an e-mail addict and send a hundred messages a day, that’s still only about the price of a cup of coffee. But for a bulk spammer sending a million messages, it’s a major investment.
Perhaps the most intriguing solution comes from a company that has a major financial stake in the elimination of spam: Microsoft. Cynthia Dwork, a senior researcher, has proposed adding to the cost of sending mail by taking to heart the old adage “time is money.” Computation time, to be precise. Right now, sending a message over the Internet involves your computer talking directly to a mail server: The two computers identify themselves to each other speaking in the language of the SMTP protocol, and once that identification has been made, your computer passes along the message to the mail server, which then dispatches it across the Net to its eventual destination. Dwork’s solution is to slow that exchange down and force a computer on the sending side to solve a mathematical puzzle built out of the specific details of the message: the sender’s e-mail address, the date and time, and the message content. Messages sent at slightly different times, or to different addresses, would generate a different puzzle. “That way, if spammers want to send the same message to many different people, they will have to perform many different calculations,” she says. “Similarly, if spammers want to send to a fixed receiver lots of different messages, or the same message over and over, they will have to recompute each time, since either the message is changing or the date and time is changing.”
Dwork’s approach throws in a wildcard variable that she calls k to ensure that the puzzle solving is challenging enough to keep up with Moore’s law, the widely held assumption that the processing speed of computer chips doubles every 18 months. “The value of k is initially chosen so that computation takes about 10 seconds, and it is increased when machines get faster,” Dwork says. The end result of this approach is that instead of being able to send an e-mail message in an instant, the sending computer would have to think for 10 seconds, after which it would be allowed to pass the message along.
The time lag would be largely meaningless to ordinary e-mail users: If you had 10 messages queued up to be delivered, it might take a little longer to send them, but you’d be able to do other things with your computer while it solved the puzzle. “Most people have lots of unused computational cycles on their computers and send relatively few messages,” Dwork explains. But that kind of computational time would be disastrous for the spammers. Right now, a spammer can send millions of messages a day from a single machine. If you add a time stamp to each message that costs 10 seconds of computing time, then a single computer can send only about 8,000 messages a day. To keep up with the old rate of outbound messages, the spammer would have to buy more machines, which would raise the cost of doing business. And you don’t need to raise those costs very high to make spam unprofitable.
There is an elegance to Dwork’s approach that is almost as appealing as its practical value: After years of humans wasting time deleting spam from their in-boxes, the ultimate spam-blocking solution may turn out to be wasting the computer’s time—on purpose.