RE:[Cryptography] Paid SMTP (PSMTP)

2018–02–27 22:53 GMT+03:00 xxxx xxxx<xxxx@xxx.xxx>[1]:

First thing’s first. Thank you for your time. I appreciate it.

Let me answer your questions in an order providing a train of thought.

* Hacker X broke into grandma’s account and sent $100 of spam. Does
grandma pay the $100? If not, who decides? If so, why would grandma
want to do this?

Let me repeat: “ …my proposal (which does not claim to be Final Ultimate but rather an additional tool in the toolbox) “. I also stated explicitely that PSMTP lives simultaneously with SMTP. So by definition I am not proposing a FUSSP covering the entire mail space.

Anyone who is not capable of installing, filling, using a crypto wallet cannot be a part of PSMTP. They can continue with SMTP. Granma can keep mailing her granchildren in SMTP.

* Spammer Y claims that Hacker X broke into his account and sent $100
of spam. but he’s lying. Does he pay? How do you tell the difference
between him and grandma?

Yes he pays. I don’t have to tell the difference. Security is crypto wallet level. If you lose your private keys you lose your CommCoins just like Bitcoin. You would admit as a cryptographer that crypto-wallets and cryptocurrency use cases increased end-point security significantly. This raises the bar a lot for the spammer.

* There are roughly three billion e-mail users in the world. How do
you plan to set up accounts for all of them and sell them all stamps?
A large fraction, perhaps now the majority, of mail users are on mail
systems like Gmail and Yahoo and Netease that have no financial
relationship with their users and do not want one.

Again, I have to repeat that my proposal is not a FUSSP. It does not cover everyone.

GMail, Yahoo have nothing to do here. I have explicitely written that you have a crypto wallet installed on your PC and Mobile. It is that crypto wallet that takes care of the coin (PSMTP) business through your CommCoin private keys. One can think of a HD key scheme to manage multiple PSMTP registered mail accounts. We will need some integration here, I admit. But the integration will not involve Gmail into financial relations. My money is at the CommCoin Network and I reach it through my private key(s) that I manage locally through my wallet app.

* Some people are much richer than others. For example, when I had a
phone SIM in India, the data plans started at 10 rupees, about 15c US,
and plenty of people bought that plan to check crop prices and maybe a
handful of messages. How do you set a price that’s affordable for
people in the developing world while not rounding to zero in the rich
world?

Again, my proposal is not a FUSSP. Anyone that cannot afford a penny cannot use PSMTP. However, the aim is to make spam less profitable. What is the point of spaming a poor guy in India who cannot afford a penny? If you have the ability to find a way to sell him Cialis, you are wasted at spam business.

* The vast majority of non-spam mail is sent in bulk, some through
discussion lists like this one, some transactional info such as
receipts, shipping notices, and bank statements, quite a lot of
marketing stuff that people have said they’ll accept. Assuming that
the list owner is not a philanthropist willing to pay to subsidize his
habit, how do you tell your mail system to waive the fee for the bulk
mail you want? How do you unwaive it? How do you do it in a way that
Hacker X can’t claim you just subscribed to his list and waive
everything and you don’t notice until your mailbox is full of his
junk?

I thought I covered that. The answer is white-listing, ie putting the sender in the exception list. Let me repeat below.

“2. How about mail lists?…

When a user subscribes to a mail list he puts the mail list address to his white-list and acknowledges that the mail list will not attach payment script to emails. Therefore, its mail client skips redeem process for the mails from the list. It has to skip if the user wants to get mails from the list. White-listing an address is much easier than subscribing to a mail list. We can provide automatic and one-click convenient ways to do that. So anyone who bothers to subscribe to a mail list will whitelist it. Since mail list white-listing is so seldom I don’t see it as a problem.”

Therefore, the mail list would not add a payment script. The recipient will accept the mail without contacting the PSMTP node because it is in the exception list (white list). You can remove the sender address from the white-list anytime, for example when you unsubscribe. Hacker X can’t claim that I subscribed to his mail list because I do it in my mail client or wallet app. I manage my contacts. Imagine the following algorithm run by the mail client-wallet couple

IF (the sender is white listed)

Fetch the mail

ELSE IF (payment script not included)

Apply my non-white SMTP settings

ELSE IF (syntax valid AND I am the receviver of the CommCoin (I use my private key))

IF (RedeemCoin())

Fetch the mail

ELSE

Reject the mail

ELSE

Reject the mail

Please note that all the reject mail scenarios above end in black listing of the spammer as I mention below.

* What is the overall capacity of your scheme? If it’s under 10,000
messsages/sec you’re not serious. 100K/sec would be better. When
making your estimates, assume that the mail is 90% spam, and the spam
will all have bogus stamps pointing at empty wallets, so you’ll have
to do the check but there’s no money to be collected.

Think of a solution that spots the spammer at the first instance of a spam mail from him and then forwarding him to the routine blacklisting procedures we already have. That would be scary for any spammer. Now let’s see if we can do that with PSMTP.

A wallet keeps track of money. That’s what it does. A CommCoin wallet never signs invalid payment scripts. An empty wallet signature is invalid. Its security is to the level of keeping private keys secret. Therefore, if a spammer wants to attack the system from an empty wallet, he would do it via an invalid script, it will be spotted as a spammer by the system at the first such attempt. The PSMTP system will then apply DNS Black Listing procedures as well as push the PSMTP blacklisting data to the relevant MTA’s. Therefore, the same address cannot send a second spam. Not to mention that the empty address is deleted from the PSMTP DB. So the simplest version of the requirement is that a PSMTP address is allowed to have empty account but is prohibited to try to use it. You can try to use an empty account once before it gets deleted. The spammer would not bother with PSMTP and sail towards SMTP. The very existence of anti-spam techniques like greeting delay, greylist temporary rejection, nolisting, quit detection all show that when there is a little bit of trick in the mail transaction, spammers don’t bother and move on to another mail address in their list where the process runs in a less tricky manner. That is the essence of brut force. PSMTP trick is much harder to cope with than those at the presented techniques. And PSMTP applies balcklisting measures immediately while these techniquies do not. I could easliy imagine that the PSMTP threat would cause spammers to stay away. How about a minimum opening deposit requirement of 100 CC (1 $) on top of that? This although not necessary, would further scare spammers away while 1 $ is nothing for someone who would prefer the privildge of PSTMP.

I certainly have to admire the chutzpah of someone who, having seen
that this idea has failed every single time it’s been tried over the
past 20 years, wants to do it again. (And, sorry, no, there’s nothing
very different about it this time around.)

When I saw so many patent applications and failures based on stamp/postage scheme to fight spam by so many experts in the field the feeling I get is “this is a good idea waiting for the right time”. History is full of good ideas that failed until the right time has come. Technolgy history is no different. The right time provides right conditions where prerequisites to succesful implementation/adoption are met. You can see so many failures and conclude the idea is completely bad or you can see so many experts having tried over and over again and may still conclude that it is a good idea waiting for the right conditions. I believe the cryptocurrency revolution is the key difference against past trials. This revolution made wallets convenient to the computer literate people who would be the first adopters of PSMTP. I see a lot of development activity at wallet/ledger and TEE spaces. I don’t see a reason why we shouldn’t get the convenience-security level of end-point/wallet private key + ledger schemes to anti-spam. Besides my proposal is different form all the past implementations I have seen. They either lack the cyrptocurrency-wallet approach or go for the wrong direction of paying high amounts to important people (earn.com). None involved an organization like IETF. Adding DANE to the list of differences now, I think there may be a chance this time.

One other aspect of PSMTP is that it does not posess any false positive nor false negative as long as private keys are safe.

Once you’ve figured these out, we have lots more questions to ask.

If you take your precious time, I will do same. After all, this is a constructive discussion.

[1] The identity of the correspondent, who is remarkable in the anti-spam space, is hidden for privacy concerns