Home Read about the Spamkiss project See our partner MyToken.com Frequently asked questions
english version of this page   deutsche Version der Seite   
How it works
· Spamkiss for users
· Spamkiss for mailpartners
· Spamkiss for spammers

    
The Spamkiss System

Spamkiss reduces spam - drastically. And it does its work where spam arises, with the spammer himself. It relieves those who now pay for spam - the provider and the recipient. The Spamkiss System offers the decisive difference from the widespread use of filters, which essentially deal with filtering spam already mailed.
Spamkiss is server-based and consists of a databank in which each user has a so-called "Kisslist." This list contains the sender's addresses of his communication partners. An intelligent concept and an additional mechanism, the Spamkiss Token, provide for simple administration of the "Kisslist." Spamkiss is an uncomplicated system for the user but offers the experienced user a process which permits a quick and effective solution for even complicated application problems.


The Idea

There was once a time when we could build houses without doors. It was not necessary to lock houses because it was natural to respect the privacy of others and not take advantage of their openness. But mankind has developed further and, at some point, the misuse increased to such a degree that construction based on trust had to be abandoned. Today, no one would dream of building a new house without doors - and yet everyone has the choice of locking the door or not. Very different concepts of quiet and protection exist, and this simple solution takes into account such differences.
Today we know that doors are not absolutely burglary-proof - how well they function depends on the amount of effort a potential abuser is prepared to expend and, naturally, on the profit he expects to gain. But that's no reason to go without doors: because you can well imagine what effect doing without them would have.
Spamkiss adds one more door to your e-mail mailbox. It isn't a substitute for an alarm system or a watchdog, but the basis of a concept to protect from misuse. It belongs in a mail system as a door belongs in a house.
An e-mail Address and Its Misuse
The mail address is the portal, the access to your communication partner. The address consists of a name and a domain, for example john.doe@beer.net Everyone who knows this address can send John e-mail whether he wants it or not - this circumstance opens the door to misuse and is the actual reason for the spam problem. The best-known possibilities for John to more or less effectively deal with this misuse are to manually erase the undesired mail or to filter the sender's address by various time-consuming means. When the effort becomes too much for John, he's left with changing his e-mail address, which, for a while at least, no spammer will know. But his friends and business partners will not be exactly grateful - they won't be able to reach him anymore, either.


A Spamkiss Token

A token extends John's e-mail address by a user-defined term which is written before the @ sign and is separated from the name by a special separator. John can change this addition at any time. John can pick anything for his token - let's say, he has a dog named Fiffi; then his extended mail address could be something like john.doe##fiffi@beer.net. That means that a token adds a variable to a fixed mail address. When you contact John the first time - and only then - you need his token in addition to his e-mail address.


Getting Acquainted with John

Let's just imagine that you met John yesterday at a business lunch. You had a good conversation, discovered you had common interests. And John gave you his e-mail address and also mentioned that his current token is "fiffi." Now you want to send him a mail, and write down his e-mail address - john.doe@beer.net - in your address book. You extend his address, however, by the token, but only for your first mail to him: you send your mail to john.doe##fiffi@beer.net. The Spamkiss System recognizes that you have used a correct token and places your address automatically in John's Kisslist. You no longer need the token for any future e-mails.


What the User does with the Token

Because you need John's token only the first time, he can change this part of his e-mail address at any time. John receives mails only from senders who are listed in his Kisslist or who are using an updated token. Thus the alteration of part of the address closes the portal for the abuser, as if John had changed his entire address. That means John can, so to speak, change his e-mail address as need be - without affecting correspondence to or from his friends or business partners.


What the Spammer "Gains" from the Token

If, after all, a spammer goes to the effort of obtaining John's current token: Good Luck! Just when he's sent John the first spam, John will remove the spammer from the Kisslist and change his token. A direct hit - the spammer can now go back to square one. By the way, do you deal in CD's that contain e-mail addresses from 25 million Internet-intensive users? What a bummer - without a valid token, these are unfortunately absolutely worthless.


The Trick

Here's the trick: a part of the e-mail address becomes so flexible that snooping out obtainable e-mail addresses causes such great effort, possibly repeated effort, for the spammer that it's just not worth the effort any more. To get John's token, the spammer could call John and ask, and John could even divulge the token. The spammer can profit that one time but would then have to begin again, because John would immediately change his token. What we take for granted today, namely, sending millions of spam postings to an entire mailing list at one go, will become a highly labor-intensive and time-consuming undertaking which hardly anyone can afford any more.


How Can I Obtain the Token from Another e-mail User?
  • He informs me himself when he gives me his e-mail address.
  • It was in his inquiry mail.
  • I call him and ask.
  • I look it up on the recipient's website.
  • I use the requester on MyToken.com.


The Requester

The mail sender can list his address and that of the desired recipient in a template on the server www.mytoken.com. Shortly thereafter, he will receive a mail from mytoken.com which contains the Spamkiss token. Of course, this will occur only if initially allowed by the administrator and user of a Spamkiss System.


What Happens to the Spam Problem?

The Spamkiss System is server-based and starts as soon as a mail arrives on the system, where the end user has his mailbox. That's why its quick and easy to install and implement. "Kiss" stands for "keep it simple, stupid" - and the system is exactly that: simple and effective. When the density of the Spamkiss System achieves a sufficient level on the Internet, the spammers will realize more and more that an increasing number of their e-mails do not arrive anywhere. When 90% of their spam gets through, then they don't care whether the junk mail is erased - there's little effort involved. But when 90% of their spam is returned, then they might realize that it's nonsense to continue.


Scenarios

John writes an e-mail to W.
The Spamkiss System adds W's e-mail address to the Kisslist.

John receives a mail from X. X is on the Kisslist.
The Spamkiss System forwards the mail to John.

John receives a mail from Y. Y is not on the Kisslist and has not indicated a token.
The Spamkiss System refuses receipt of the mail with the remark that the sender needs a token and that he can find further information about tokens at www.mytoken.com. Y obtains the token, can then send his e-mail to John and will automatically be placed on the Kisslist.

John receives a mail from Z. Z is not on the Kisslist but has indicated a token.
The Spamkiss System places Z's address on the Kisslist and forwards the e-mail to John.

John orders from an Internet vendor or places his name on a newsletter mailing list.
John gives his e-mail address extended by the token. The recipients can communicate directly with John in the future. If he later receives newsletters he did not order - he simply places the sender's address in the Kicklist, and the mails will be rejected in the future.

John sends a mail to a support address.
In his mail, John places his token with a notice so that the request processor can answer.


Spamkiss Advantages as Opposed to Filter-based Systems
  • The system is intelligible and clear-cut. The mail sender knows exactly what to do to reach a recipient. The recipient has simple tools to combat misuse of his e-mail address.
  • No need to deal with complicated filters and filter programs - only simple lists to administer, mostly automatically. This makes it easier on the administrator and the hardware budget.
  • Mails cannot get lost unnoticed - for example, by erroneously landing in the spam folder. If a mail does not reach a recipient, the sender is informed by return of mail and is informed about possible reasons for the failure.
  • Mails are no longer placed in the filters - the rejection occurs at the earliest point, even before the data load has been transferred to the mailbox. This reduces transfer volume and thus Internet costs.
  • The system opens up maximum benefit for the organization or group using the system, without having to change one thing on the rest of the Internet. The system is therefore an independent solution.
  • The administrative input will be reduced altogether. The greatest portion of this expenditure will be imposed on the sender of mass mail. Only what little is left of the expenditure is up to you, the end user - for the first time, you have complete decision control over the management of your mails.



 
© 2004 - All About It Systems S.A.