[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Cryptography] Paid SMTP (PSMTP)



Questions I received show that I failed explaining the P-SMTP world to some of the people in the list. This is a further clarification.

Before you read, mark the following:
1. P-SMTP world is different. You should take your SMTP glasses before you take a look at it.
2. P-SMTP seeks how to utilize recent revolutions like cryptocurrency, end-point TEE, DANE to fight spam.

When I register my mail address to P-SMTP my current contacts/whitelists are added to white-list automatically. We can have inner-domain default, inter-domain whitelisting, etc. as explained before. Then we have the following algorithm:

IF (the sender is whitelisted)
  Fetch the mail
ELSE IF (payment script not included)
  Apply my non-white SMTP settings*
ELSE IF (syntax valid AND I am the receiver of the CommCoin (I use my private key))
  IF (RedeemCoin())
     Fetch the mail
  ELSE
     Reject the mail
ELSE
   Reject the mail

*What about the non-white SMTP settings above. Following schemes propose an option:
1. My mail account rejects the mail with *unpaid non-white* message code.
2. The sender receives the following message 
*You are not whitelisted on the recipient, yet. You may Resend mail with PSMTP to reach the recipient and/or you may send a Mutual Whitelist PSMTP request.* 
The message has a *Resend with PSMTP* button for a PSMTP sender together with a *Request mutual whitelisting* checkbox.
The message would have *Register to PSMTP* Button for the non-PSMTP user. With one-click, she can register her mail address to PSMTP and fill it with PayPal or credit card or whatever for 1-10$. Keep in mind that e-payment will be much more convenient in the future making PSMTP registration one-click. Also, Imagine that we have Microsoft, Google, Apple, etc. on board making integration, customization easy on the mail client side. Therefore, If the sender really wants to contact the recipient and similar people it is rational and trivial for her to join PSMTP.

The mutual whitelisting scheme is a 2/2 multisig script scheme. Sender signs it before sending. Recipient signs it and sends back. So the sender pushes the mutual whitelisting request button and recipient pushes the Accept Button. The multisig scheme runs behind the scenes. If a party doesn't obey mutual whitelist scheme the system detects immediately. My mail client would warn me when I am requested PSMTP by a mutual whitelister.

A PSMTP user can send SMTP to an SMTP user. How about a third scheme where a PSMTP user sends a mail to an SMTP user but with an intentional payment script signed on the recipient's mail address (maybe we should change the payment script scheme to signing the recipient mail address rather than CommCoinAddress). The mail client would signal the SMTP recipient that it is a paid mail and that she needs to register to PSMTP to collect all such money she has received until then. The PSMTP sender would not incur any cost as long as the recipient does not register to PSMTP. If she does, losing a penny is worth the satisfaction of spreading the word against spam and having an extra PSMTP peer. I would keep sending PSMTP mails to SMTP users and a dollar/user would be OK for me to invest. This makes 100 paid emails per SMTP user. A resistant SMTP user surrounded by enough PSMTP users may find 50 bucks in her wallet before she joins PSMTP. It would take a penny or two for most SMTP users if we make a good campaign.

The only scenario where the PSMTP recipient may suffer is when a potential customer or someone important that is not whitelisted gives up sending the mail. First, we take our smtp glasses off. We see a new world with new habits. If I am a PSMTP salesperson the first thing I do is domain whitelist my sales targets. I will most probably see that our admin has already domain white-listed a great deal of them already. If I try to sell to the telecom sector, I get a list of all target telecom companies and domain whitelist them. If I take the contact details of a target person (eg a beautiful girl I would like to date) in a cocktail, the first thing I do is to record it to contacts (which is whitelisting) say via QRcode. We will have more discipline and convenience in managing contacts which is good for us. Still, we may have a surprise potential client that insists on resending SMTP. Then we may still get that mail forwarded to a corporate mail address called sales_grey AT mycompany.com. This list being screened and forwarded by low-cost people. PSMTP is a movement. Reaching a critical mass is important. Imagine a time when the person insisting on resending SMTP is probably not worth contacting. It is OK to accept such false positive. After all, we can't escape probabilistic approach in life. Someone who does not really want to contact me can be a tolerable false positive. Beyond critical mass adoption, it gets less worth hiring the low-cost people screening greylists. When we reach enough adoption you would be better off rejecting those who are both non-whitelisted and PSMTP hostile.

Once a critical mass is achieved, the rest is a positive feedback mechanism flooding SMTP. PSMTP is good for every honest user. It saves the precious Internet, and yourself, it is one-click away, easy to use and actually does not cost at all. It is a movement that unites us as the Internet itself, fighting back an evil parasite altogether as one. I imagine a world that PSMTP is so trivial and useful that not using PSMTP would be unthinkable if you are not a loser. I imagine a world where PSMTP users are considered cool and then a world where PSMTP hostility is considered, ..., well, not worth receiving a non-white SMTP from, if not a spammer.

It should be clear by now that PSMTP works robustly against spam when we reach wide adoption. The question is how do we get to the critical mass... This is the difficult part. I admit that I did not provide an answer to this part yet. Without a solution to wide adoption, my proposal remains a fellow discussion. Some ideas: First, we need strong technology supporters and early adopters. Companies like Google, Microsoft, Apple, Samsung, etc; the leading organizations of the Internet ecosystem like IEFT, W3C, IEEE, ICANN, etc. other organizations like Linux Foundation, cryptocurrency space, governments, you, me, etc. The PSMTP payment to SMTP addresses scheme can be an incentive for the SMTP recipients by the PSMTP senders. Campaigns and government support ... Any ideas?

Regards,
Ersin
_______________________________________________
The cryptography mailing list
cryptography AT metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography