[Cryptography] Paid SMTP (PSMTP)

Ersin Taskin hersintaskin at gmail.com
Thu Mar 1 10:33:47 EST 2018 

 Questions I received show that I failed explaining the P-SMTP world to
some of the people in the list. This is a further clarification.

Before you read, mark the following:
1. P-SMTP world is different. You should take your SMTP glasses before you
take a look at it.
2. P-SMTP seeks how to utilize recent revolutions like cryptocurrency,
end-point TEE, DANE to fight spam.

When I register my mail address to P-SMTP my current contacts/whitelists
are added to white-list automatically. We can have inner-domain default,
inter-domain whitelisting, etc. as explained before. Then we have the
following algorithm:

IF (the sender is whitelisted)
  Fetch the mail
ELSE IF (payment script not included)
  Apply my non-white SMTP settings*
ELSE IF (syntax valid AND I am the receiver of the CommCoin (I use my
private key))
  IF (RedeemCoin())
     Fetch the mail
  ELSE
     Reject the mail
ELSE
   Reject the mail

*What about the non-white SMTP settings above. Following schemes propose an
option:
1. My mail account rejects the mail with *unpaid non-white* message code.
2. The sender receives the following message
*You are not whitelisted on the recipient, yet. You may Resend mail with
PSMTP to reach the recipient and/or you may send a Mutual Whitelist PSMTP
request.*
The message has a *Resend with PSMTP* button for a PSMTP sender together
with a *Request mutual whitelisting* checkbox.
The message would have *Register to PSMTP* Button for the non-PSMTP user.
With one-click, she can register her mail address to PSMTP and fill it with
PayPal or credit card or whatever for 1-10$. Keep in mind that e-payment
will be much more convenient in the future making PSMTP registration
one-click. Also, Imagine that we have Microsoft, Google, Apple, etc. on
board making integration, customization easy on the mail client side.
Therefore, If the sender really wants to contact the recipient and similar
people it is rational and trivial for her to join PSMTP.

The mutual whitelisting scheme is a 2/2 multisig script scheme. Sender
signs it before sending. Recipient signs it and sends back. So the sender
pushes the mutual whitelisting request button and recipient pushes the
Accept Button. The multisig scheme runs behind the scenes. If a party
doesn't obey mutual whitelist scheme the system detects immediately. My
mail client would warn me when I am requested PSMTP by a mutual whitelister.

A PSMTP user can send SMTP to an SMTP user. How about a third scheme where
a PSMTP user sends a mail to an SMTP user but with an intentional payment
script signed on the recipient's mail address (maybe we should change the
payment script scheme to signing the recipient mail address rather than
CommCoinAddress). The mail client would signal the SMTP recipient that it
is a paid mail and that she needs to register to PSMTP to collect all such
money she has received until then. The PSMTP sender would not incur any
cost as long as the recipient does not register to PSMTP. If she does,
losing a penny is worth the satisfaction of spreading the word against spam
and having an extra PSMTP peer. I would keep sending PSMTP mails to SMTP
users and a dollar/user would be OK for me to invest. This makes 100
paid emails per SMTP user. A resistant SMTP user surrounded by enough PSMTP
users may find 50 bucks in her wallet before she joins PSMTP. It would take
a penny or two for most SMTP users if we make a good campaign.

The only scenario where the PSMTP recipient may suffer is when a potential
customer or someone important that is not whitelisted gives up sending the
mail. First, we take our smtp glasses off. We see a new world with new
habits. If I am a PSMTP salesperson the first thing I do is domain
whitelist my sales targets. I will most probably see that our admin has
already domain white-listed a great deal of them already. If I try to sell
to the telecom sector, I get a list of all target telecom companies and
domain whitelist them. If I take the contact details of a target person (eg
a beautiful girl I would like to date) in a cocktail, the first thing I do
is to record it to contacts (which is whitelisting) say via QRcode. We will
have more discipline and convenience in managing contacts which is good for
us. Still, we may have a surprise potential client that insists on
resending SMTP. Then we may still get that mail forwarded to a corporate
mail address called sales_grey at mycompany.com. This list being screened and
forwarded by low-cost people. PSMTP is a movement. Reaching a critical mass
is important. Imagine a time when the person insisting on resending SMTP is
probably not worth contacting. It is OK to accept such false positive.
After all, we can't escape probabilistic approach in life. Someone who does
not really want to contact me can be a tolerable false positive. Beyond
critical mass adoption, it gets less worth hiring the low-cost people
screening greylists. When we reach enough adoption you would be better off
rejecting those who are both non-whitelisted and PSMTP hostile.

Once a critical mass is achieved, the rest is a positive feedback mechanism
flooding SMTP. PSMTP is good for every honest user. It saves the precious
Internet, and yourself, it is one-click away, easy to use and actually does
not cost at all. It is a movement that unites us as the Internet itself,
fighting back an evil parasite altogether as one. I imagine a world that
PSMTP is so trivial and useful that not using PSMTP would be unthinkable if
you are not a loser. I imagine a world where PSMTP users are considered
cool and then a world where PSMTP hostility is considered, ..., well, not
worth receiving a non-white SMTP from, if not a spammer.

It should be clear by now that PSMTP works robustly against spam when we
reach wide adoption. The question is how do we get to the critical mass... This
is the difficult part. I admit that I did not provide an answer to this
part yet. Without a solution to wide adoption, my proposal remains a fellow
discussion. Some ideas: First, we need strong technology supporters and
early adopters. Companies like Google, Microsoft, Apple, Samsung, etc; the
leading organizations of the Internet ecosystem like IEFT, W3C, IEEE,
ICANN, etc. other organizations like Linux Foundation, cryptocurrency
space, governments, you, me, etc. The PSMTP payment to SMTP addresses
scheme can be an incentive for the SMTP recipients by the PSMTP senders.
Campaigns and government support ... Any ideas?

Regards,
Ersin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20180301/b993afbb/attachment.html>

More information about the cryptography mailing list