A Better Spam System

Everyone hates spam. That is a lie. In order for spam to be worthwhile, some people must be using it (and they supposedly are). But I don’t and I don’t want it. I have a proposition (that, of course, will fail).

A new rash of spam has been flooding my inbox. My spam filter doesn’t pick it up because the text in it doesn’t say anything about viagra, porn, cialis, stocks, or anything else to get a guy going. It just has bits of novels or technical manuals and an image attached that has text about what they really want to sell. Supposedly, these spammers want to un-train spam filters and it might just work. I have to manually delete these e-mails so I don’t mess up my filters.

Everyone I’ve ever talked to hates spam. But some people are reading it and acting on it. If someone wasn’t, spammers wouldn’t bother. The problem is that more people don’t act on the spam. Some people, like me, recognize spam based on subject and senders and never even open it.

What about us?

Spammers buy large lists of e-mail addresses and send e-mail to everyone on the list, perhaps cross checking against list of known dead addresses. There is no way to get off these lists without deleting the e-mail account, which really does no good.

There was supposed to be a do-not-spam e-mail list or some such nonsense. This might work if spammers could be held to some law. Not every spammer is in the US. Not every spammer in the US spams through US servers. It’d be worthless and impossible to keep up with.

I propose the opposite. We need a do-spam list. Here’s how it would work.

First, spammers would login to some web site and enter every e-mail address they have. Any duplicates would be ignored. Then, every spammer would have the same large e-mail list. Spamming would continue as usual based on this list.

The database that holds the list would have three fields: email_id, address, and last_click.

Second, spammers would introduce unique URLs per-address. So, a link to the spam site would be something like http://getsomeviagra.com/?uid=3476. When the recipient clicks this link, the recipients e-mail address would be found in the do-spam list and the last_click would be updated with the current date and time.

Third, a daily cron job would go over the list and delete every e-mail address that had a last_click older than, say, 30 days. Use of the list would continue as usual while the total number of uninterested parties shrunk.

Fourth, the spammer could optionally keep his own database based on the existing users in the do-spam list. The spammer’s database might track what sorts of products the particular recipient is interested in. For example, some guy might click on porn and stocks, but not viagra because the guy is 30 and has no problems with getting an erection. That data could be shared via affiliate programs, if desired. Then, spam could be more targeted and might convert better.

By simply removing people like me from the list due to inactivity, spammers would have a higher return on investment. It would create more targeted spam and drastically reduce the amount of money spammers spend on finding victims.

There are only two issues. The first is getting new addresses. These could be collected by traditional methods. The second is that spammers can’t be trusted to manage the list. So, I propose a disinterested organization run open spam e-mail relays that use the do-spam database. All spammers have access to is the unique ids for the e-mail addresses but not the e-mail addresses themselves. Spammers would have to register with the website, and probably pay a fee to make sure they are serious about spamming.

I imagine there are still bugs to work out, but I think this is a good start. Feel free to post your own thoughts, problems, and ideas on the subject.


Comments are closed.