I don't want Google's (or anyone else's) scripts reading my email, so I am prepared to pay for this service, but no one offers it yet. In the USA, the Stored Communications Act (part of the decades-old wiretap legislation package known as the Electronic Communications Privacy Act) says that any electronic data stored with a third party for more than 180 days can be subpoenaed by law enforcement without notifying the owner of that data. So to discourage government fishing expeditions, the data needs to be stored encrypted on the server and only be decryptable by the client. Some companies, like Hushmail.com offer some of these services. [Note to venture capitalists: I can fix this for $10M, business plan on request. Just don't make your request by email.]

Spam isn't clogging up my mailbox. That's a separate problem. I get a lot of spam, currently more than 2,500 spam messages each and every day just like everyone else who posted to usenet in the 1990s and still uses the same account. With an average spam size around 10KB, that's more than 2 MB a day flowing in, and being automatically filtered out and junked. The signal-to-noise ratio is 0.004 and dropping by the month. Yet nobody seems able to fix the spam onslaught.

I remember the very first spam email I got. I was slightly surprised to get email from someone I didn't know, who seemed to be suggesting a product for me to buy. Why would they do that, and why would they choose me, out of all the thousands of people on the Internet? This was a couple of years before April 1994 when two deadbeat lawyers from Arizona, Canter and Siegel, spammed all 6000 Usenet newsgroups with their unwanted adverts. They offered to help people enter the Green Card immigration lottery for $145, suppressing the information that people could enter by themselves for free.

After my first email spam, several weeks went by, and then a different one arrived. I kept that too, for its novelty value. I stopped saving them pretty quickly. Currently spam flows in at 100,000 bytes/hour in ever-increasing torrents. So I have three email problems: answering it, searching it, and fending off spam.

The dead-level limit came in April 2004, when I hit all three problems in one email. Specifically, I got three spam emails that were apparently sent by me. I was spamming myself! OK, I wasn't really spamming myself. Spammers are up to all kinds of tricks to get you to read the pitch and/or click on the viral attachment. They forge sender names at random. Friends had complained in the past of getting spam that was forged to look like it came from me, and finally I got three of them myself within a week.

The email header showed all three of these spams came from the same ISP:

Spam-merchants can (and do) forge all the other headers, but they cannot forge the last hop before it reaches your site. They lie about the domain and user name, but must put their true IP address in there, otherwise your ISP's mail program cannot talk to them and accept mail for delivery.

A reverse DNS search (try dnsstuff.com or samspade.org) on that IP address showed that it belonged to a company called Global Access Telecommunications, Inc. of Frankfurt in Germany. One of their customers was the spammer, but G.A.T. were responsible for not enforcing their terms of service, and allowing the spammer to get away with it. G.A.T. was quickly put on a worldwide blacklist of organizations from whom email is rejected, for being clueless ISPs. These blacklists are maintained by volunteers like spamhaus.org and cbl.abuseat.org, but they have the same limitation as virus scanners—they are reactive and only come into effect after a large number of people have already suffered the ill effects.

The payload in all three of these spams was a Trojan Horse executable attachment. When installed, that would turn my PC into a zombie spam-bot under the control of the spammers. This is an open proxy server, that will accept connections from anywhere, and act as a blind intermediary to any other network addresses/services. The spammers would then use my PC to continue their spamming.

This has got to stop. The whole thing: the spamming, the viruses, the trojan horses, the worms, the phishing for credit data, the remote control of thousands of other peoples' PCs, the distributed denial of service attacks, the 419 frauds, the Windows operating system that provides such a nutritious environment for these; all of it has to stop. If Windows was a car that failed this badly, the Federal government would have forced the manufacturer to recall it and fix it years ago.

The email problem is actually the same kind of problem that plagues Windows itself. It is hard to build a secure, trustworthy application on top of an insecure foundation. In the case of email and Windows, the design in use today did not have security as a goal. The insecurity of Windows actively contributes to the degradation of the Internet.

Other operating systems like Linux, MacOS X, and Solaris, don't have the constant, recurring security problems of Windows. It's not just because Windows is the default big target. It's because security is still not seen as an important goal in the design of Windows, and it was and is a goal in the other operating systems.

Non-technical people often don't realize the magnitude of the problem, and propose naive solutions to solve the piece of it that they understand. This happens so frequently that the Net has developed a checklist for pointing out the flaws. It outlines many of the issues:

What this is saying is that, short of a major technological miracle, the only way we'll get relief is to build the Internet version 2.

Email is a tough problem because I want to get email from people who have never emailed me in the past (old school friends, book readers, students) but I don't want to a deluge of spam. The way to solve it is to remove anonymity from email transactions. If abuse occurs, you go back up the chain, your ISP, the spammer's ISP, to the spammer, and you have an identifiable perpetrator to hold accountable. If they are in a region where your laws don't apply, and their ISP lets it happen repeatedly, their ISP gets blacklisted. Other ISPs in law-abiding nations refuse to make connections or route packets from them, so they quickly isolate themselves from the net. It may be that bulk mail is no longer an economically feasible service for ISPs to offer without bond guarantees—great!

There are a couple of proposals for reducing spam. The Sender Policy Framework (SPF) is an effort to stop forged mail headers. At each mail hop, the IP addresses are validated against the domain names the mail says it has. Mis-matches are very likely forgeries, and can be discarded. SPF won't help much with spam sent by zombie spambots, Windows PCs that have been taken over, and remotely controlled to channel spam. Domain Keys is a similar proposal for validating message headers. These proposals are helpful as far as they go, but we need authentication and privacy in many protocols not just the Simple Mail Transfer Protocol. We need a solution not just for mail, but for blogs, for web services, for secure e-commerce, for browsers, for everything online that needs privacy, authentication, and security. Why reinvent it for each protocol?

The right way to do all this is to implement TIP—trusted Internet Protocol—IPv6 with cryptographically based identity checking implemented in hardware. That is what Intel should be working on, instead of dabbling with the symptoms (like the NX—No eXecute—hardware change supported in Windows XP SP2 to prevent stack-cracking).

TIP will require people to log on (authenticate) before can they reach out and use other people's resources on the network. Your home PC will do this for you automatically, just like your home phone. PCs in libraries or internet cafes will either be untrusted, and thus restricted to read-only remote operations. Or users can authenticate manually to be allowed to send email, run ssh, etc.

This won't stop spam. Nothing can stop spam, short of stopping email. Email is a protocol that allows other people to write content onto your server. There is no 100% perfect algorithm to automatically distinguish content you like, from content you don't like. Identity authentication will diminish the volume and provide accountability.

It's not like this kind of need has never arisen before in the history of the planet. How bad did things get before we had building codes? Before we got traffic laws? Before we realized that unbridled power of sovereigns or presidents was a terrible idea? Before we registered shipping? Before we put customs and immigration officers at the borders? Before we had copyrights for written works? Before we licensed the radio spectrum? Before we stopped free MP3 music piracy online? OK, strike that last one.

How much worse do things have to get on the Internet before people are desperate to get automated trust assurance for our fundamental tool for information sharing? For me, the answer came in the week of April 19 2004, when "I" sent myself 3 spam messages that were designed to take control of my PC.