Penny Black (research project)
The Penny Black Project is a Microsoft Research project that tries to find effective and practical ways of fighting spam. Because identifying spams consumes a recipient's time, the idea is to make the sender of emails "pay" a certain amount for sending them. The currency or the mode of payment could be CPU cycles, Turing tests or memory cycles. Such a payment would limit spammers' ability to send out large quantities of emails quickly.
The project's name is derived from the Penny Black, the world's first adhesive stamp used for pre-paid postage.
As internet email is becoming increasingly popular, spam begins to become a larger problem. It costs the recipient loss of bandwidth, time, and productivity.
The Penny Black Project is a Microsoft Research project that tries to fight spam. Like the Penny Black stamp the project was named after, the attempt is to move the costs from the receiver to the sender. The general idea is that if a stranger is sending you mail, they must prove that they have expended a certain amount of effort specifically for you and the message alone.
The project aims to have little impact with a low number of recipients while being able to charge spammers in a way such that it is no longer profitable. Research is focused on charging spammers in computing time. Doing this, would be able to limit only several emails to be sent in a minute. This would barely affect an average user, but spammers would be required to have many more computers to send spam efficiently.
The project has investigated several methods in order to charge the sender as payment. The following are the ideals for the project:
- No challenge-response mechanism is required. Unlike challenge-response approaches, we do not require additional communication between the sender and the receiver.
- No third party is required for electronic mail communication.
- Control of mail servers remains as it is now. With users and their delegates.
- Once in place, virtually no maintenance is needed (unlike spam filters that need constant updates).
CPU and memory cycles
This approach attempts to charge computing power to the sender of an email. For example, if sending an email cost ten seconds, in a full day of about 86,000 seconds, a spammer would only be able to send 8,600 emails. To overcome this, spammers would have to invest in multiple computers to send high volumes of spam.
The idea was originally formulated to use CPU memory cycles. It was quickly concluded that it was better to use memory latency – the time it takes for the computer’s processor to get information from its memory chip – than CPU power. This way, spammers could not avoid the problem just by having a higher end processor.
These tests require proof that a human was involved with the sending of an email. This can be done with a variety of different methods including a CAPTCHA. This way, in order to send a large number of emails, a spammer would have to spend a significant amount of their own time manually filling these out in order to send out a high volume of spam.
This method would charge users a cash fee to send emails. This method is generally avoided due to the large unpopularity amongst the user community as it would require charging money for an originally free service. Additionally, charging money for email would require large infrastructure changes to allow for payment.
A ticket server is a credit based method for validating emails. Tickets are required to perform actions, such as sending emails. There are three operations the ticket server provides: “Request Ticket”, “Cancel Ticket”, and “Refund Ticket”.
Request ticket helps a user obtain a ticket. These tickets may be obtained through CPU cycles, solving hard algorithms with processing power, Turing tests, or even just through a credit card.
Cancel Ticket is to be used by the receiving end of the ticket. It takes a ticket and makes it invalid. For example, after receiving an email with a ticket, the ticket would then be cancelled so it is unable to be reused.
The person who cancels a ticket also has the option to refund the ticket to the sender. This causes the original sender to regain a new ticket. For example, a user might refund a ticket that came with an email if it was not spam.
Using this, friendly and trusted emails will have little to no cost as tickets will be frequently refunded. However, spammers will be required to invest either a lot of computing time or money in order to have enough tickets to send large amounts of emails.
One of the more obvious flaws is that this project can not entirely stop spam. It only hopes to slow spam down enough such that it is no longer cost effective for spammers. Using these methods to reduce spam will also require these policies to be universal amongst mail clients.
Intended mass email may also not work as intended. For example, subscribers to a particular email service may end up getting their emails with a significant delay while the email service will also become an increased expenses to the provider.
- Dwork, Cynthia; Goldberg, Andrew. "Common Misconceptions about Computational Spam-Fighting". Retrieved February 12, 2013.
- Howell, Katie (1 November 2003), "Stamp Out Spam", Kiplinger's Personal Finance Magazine, p. 28
- Twist, Jo (26 December 2003). "Microsoft aims to make spammers pay". BBC News. Retrieved February 12, 2013.
- Abadi, Martín; Birrell, Andrew; Burrows, Mike; Dabek, Frank; Wobber, Ted (2003), ""Bankable Postage for Network Srvices" (PDF), Bankable Postage for Network Services, pp. 3–4, retrieved April 28, 2017