Could E-Mail Postage Produce Pick-Pockets?

How much would it have cost legitimate emailers and marketers had they paid “postage” to send the tens of thousands of unsolicited messages I received from them this month?

Most messages weren’t, strictly speaking, what many would define as spam. Torrents of virus warnings and other autoresponders were triggered by the MyDoom virus, which (like most contemporary viruses) spoofs messages from everyone in an infected PC’s Outlook contact list. Roughly half my mail consisted of automatic responses to email I never sent.

To keep things interesting, a malicious bot was meanwhile busily opting one of this site’s email aliases into literally thousands of Yahoo Groups, and hundreds more e-newsletters. Each “opt-in” resulted in either a confirmation email or (from less-enlightened publishers) a full-fledged, unsolicited subscription. All the email messages were sent in the good faith the address owner had legitimately opted in.

As this not-strictly-speaking spam snafued our servers, email “postage” (charging bulk senders a per-message fee to ensure delivery) was booted into the limelight. Bill Gates talked it up in Davos. ISPs such as MSN, AOL and Yahoo confirmed they’re investigating the option.

The pros and cons of stamped email are being seriously debated (read Hans-Peter Brøndmo’s excellent column). What no one’s talking about is this sort of “good-faith spam.” It poses a serious stumbling block to email postage (and even to bonded sender programs such as Vanquish and IronPort).

This hasn’t been addressed. It hadn’t even been considered by any of over a dozen ISPs, marketers, email vendors, or architects of paid email systems I’ve spoken with. None have worked out how good-faith spam, triggered by viruses, autoresponders, and opt-in bots, would be dealt with once commercial senders agree to pay per-message postage.

As usual, the problem is less about getting the good guys under control than it is about stopping bad guys from exploiting the system. Stamped email does have merit. But if the bad guys can use it to wring money out of enemies or competitors, or simply to wreak havoc, paid email is unlikely to achieve signification adoption — or a second chance.

That’s bad for legitimate mailers, who want their messages delivered and opened. It’s bad for ISPs seeking a revenue stream to help combat spam. It’s bad for consumers who want to cut through email clutter and avoid higher access fees.

“Bots will torpedo the whole concept of paid email,” said one techie, who notes the programs that spoof opt-ins are simple enough to be written by 14-year-old coders.

“It’s such a complex issue. From Microsoft’s point of view, there are not answers to that right now,” admitted a company spokesman. He confirms levying micropayments on senders is a solution the company is looking into, “but that’s the least developed. You will not see anything from Microsoft on micropayments for at least a year.”

“I wouldn’t deny there are those possibilities,” confessed Richard Gingras, president and CEO of Goodmail Systems. Goodmail’s been in the news as the paid-stamp provider in talks with the three leading ISPS and others. Gingras expects his service to launch as early as this summer.

“There are many existing methods to monitor and address high-volume misbehavior by bots — monitoring levels of activity, double opt-in confirmations, etcetera,” he said.. “Such mechanisms help a volume sender detect and address a sudden surge of a hundred thousand illegitimate subscription requests.”

Gingras said his system will have to take into account how to respond to situations such as the ones outlined above. “There’s an awful amount of spoofing today,” he added.

E-mail postage, Gingras believes, can “create an area where we can restore functional behavior and trust. Many methods used to address spam have negative, unintended consequences. Two-thirds of consumers have lost messages to false positives. A positive, functional solution makes great sense.”

He shared not-yet-published company research. In it, 75 percent of consumers don’t believe mass email should be free; and 77 percent said they’re more likely to open a stamped message. Goodmail is developing a sliding-scale fee structure to accommodate large, medium-sized, small, and nonprofit bulk senders.

AOL’s head of email operations, Brian Sullivan, believes there’s plenty to work out, not least of which is enabling easy payment transactions, before email postage becomes a reality.

Some angry marketers fume they’ll never pay. “Preferred practitioners of double confirmed opt-in should be exempt from postage,” grumbled one large publisher. He blames the Direct Marketing Association (DMA), a double opt-in opponent, for the fact his organization may one day be forced to pay for e-newsletter delivery.

There is, however, broad publisher support for a clause Gingras says ISPs insist on: “Bounces should count. If emailers aren’t behaving properly and cleaning their lists, then in the view of ISPs, the stamp will be cancelled and the sender will be charged.”

There’s an upside. E-mail postage practically mandates confirmed double opt-in subscriptions (it’s cheaper to stamp one confirmation message than hundreds of unsolicited newsletters). And sysadmins may finally turn off superfluous autoresponders (virus alert messages sent to innocent spoofed “senders” are as much to blame for network slowdowns as the viruses themselves).

Leading trade groups, including the Email Service Provider Coalition (ESPC), say they “conceptually” support email postage. Primarily, they advocate authenticated sender identity (a critical step, but of little help with good faith messages sent by legitimate mailers). Ideally, they want a rebuilt email infrastructure. E-mailers, after all, pay the postage. Participating ISPs are the beneficiaries.

Yes, ISPs have an enormous interest in stopping spam, delivering good email, and easing server load. Yet there’s a lemons-to-lemonade dimension to anything that might wring positive cash flow out of a negative situation. Major ISPs are broadly in favor of email postage. (Could MSN earn money every time a newly discovered Microsoft security hole generates an email tsunami?)

Marketers and publishers must exercise the most caution. E-mail postage has enough merit to not be dismissed out of hand. But money’s a powerful lure to hackers, phishers, spammers, and their ilk. E-mail postage could become a Pandora’s box of new online scams. If a bad guy is mad at, or competitive with, an organization that pays to send email, havoc could ensue.

Who mediates the millions of complaints? What will email marketing and publishing cost once postal fees, plus requisite additional layers of site and network security, are factored in? What about consumer education?

Bottom line: What’s the value, and to whom?

E-mail postage, like any anti-spam strategy, is no silver bullet. Legitimate bulk emailers must seriously consider the angles.

It’s your money.