Dear Jack,
Lately, I have been inundated with spam. I've tried my ISP's e-mail system, I've tried a Hotmail box with the filters set at maximum, and I tried all kinds of spam blockers, but nothing stops the flow. It is getting to the point where e-mail is not worth the bother. What can be done?

Spam swamped

Dear Swamped,
Simple economics is the reason why you are getting so much spam. E-mail is cheap, cheap, cheap! Let us say that you are a person with a new product you want to introduce to the public. If you used traditional direct mail, you would need:
a) a mailing list (usually 10 to 15 cents per name,)
b) bulk mail postage stamps (19 cents)
c) envelopes (2 cents)
d) printed brochures (20 cents)
This means that you would have to spend at least fifty cents per contact. Furthermore, your customer would then have to mail an order back to you, or call a phone number, or find your product in a store, etc. Contrast this to an e-mail solicitation which could cost you as little as ONE TWENTIETH OF A CENT per contact. Furthermore, you could have a click-to-order-by-credit-card link built into your mail, making it very easy for your potential customer to buy your item. With e-mail you could contact millions of people for the same cost as contacting a few thousand by traditional methods.

The sad truth of the matter is that there is currently no satisfactory solution to the problem of spam. Even the US military, with it's access to the most sophisticated hardware, CIA programmers, and the FBI's Carnivore program, has not figured out how to stop spam from filling the boxes of our sailors and soldiers. (See The Los Angeles Times, April 5, 2003, page C1, "Military Battling Junk E-Mail" by P.J. Huffstutter.)

Unfortunately, anti-spam designs are based on filtering techniques. You run the incoming e-mail through a filter which sifts for key words or phrases which have previously been identified as common in spam-"herbal Viagra," for example-and you block the mail containing the verboten words. Some filters just look at the header, some look at the entire e-mail, but as you have found, they don't work well. Here's why:
a)let us assume that you are using a filter which detects quack aphrodisiacs usually marketed as "herbal Viagra;"
b)let us assume that marketers of such products know that they are subject to such filtering;
c)they will send out mail with the subject being "Herb Al via Agra;"
d)the filter will not "see" this phrase as being something that it should block, therefore it sends the mail to your box where
e)you will easily be able to understand what the e-mail truly concerns. (People are still smarter than machines!)

Current e-mail systems suffer from a fatal design flaw in that they rely on filtering to stop spam. Filtering doesn't work. What is needed is a totally different method of dealing with e-mail. What you need is ...

Jack Bourbon's E-Mail

As a service to electronic newspaper readers, I am placing the following design parameters into the public domain with the proviso that any use of this design must, in a prominent place on your program's start page's, include the following:

"Based on a design by Jack Bourbon of newsNH.com."

Other than that, you are free to use this information in whatever way you choose. Computer programmers take note: below is the logic sequence for an e-mail system which will defeat the vast majority of spammers. Build it, and the world --cash in hand--will beat a path to your door!

The Bourbon E-Mail System is based on a series of mailboxes-one public and two private. All mail goes to the public box; you read only what is in the private boxes-you never look at the public box; there is no outside access to the private boxes. This is not the same as, say, Hotmail's regular and junk mail boxes-they are controlled by filters.

Here is how it works:
All mail goes to the public box where it is subject to triage: let through to a private box, return to sender (more on this in a minute,) or kill.

There are some people from whom you will always want to accept the mail-your mother, relatives and friends, your boss, etc. These are people you will want to "whitelist" in a Friends' e-mail address database. So, the first thing that the Bourbon E-Mail program does is check the mail against the Friends' database and then forward acceptable mail to the first private box.

If, however, the mail is not from someone in the "Friends" database, then the program checks the mail against the "Kill" database. The "Kill" database contains the list of people you "blacklisted" as people you do not want to hear from-past spammers, people who stuff your box with Fwd, Fwd, Fwd idiot jokes that weren't even funny back in grammar school, and others whom you have declared to be personna non grata. Mail from the "kill" list gets sent to the black hole----delete!delete!delete! By the way, all of these databases are password protected to thwart any spammer who might try to sneak something into your mailbox.

This leaves the vast middle ground who are neither friend nor foe, as far as your databases are concerned. Unfortunately, most of these people will be spammers, but there might be an e-mail from that long-lost lady friend whom you never could find because she's been divorced twice and the last time she appeared under her maiden name in a Google search was 1989, so you have no idea what name she has now. She is definitely someone from whom you would want to hear, but how do you get her e-mail without opening the floodgates to all the herbal Viagra salesmen?

Almost all spam is computer generated, as opposed to individually sent letters. The spammer will type his letter then run it through a program which will blast it out to thousands, sometimes millions, of e-mail addresses simultaneously. There are databases of e-mail addresses readily available-One million eBay customers on a CD for only $149!!! Buy now!!!-some of which are themselves offered by spammers. There are also programs which build e-mail addresses on the fly from a)a database of first names + b)a database of last names + c)a database of ISPs. So, Bob + Jones + hotmail.com = instant spam! These "dictionary" programs also reverse the "a" and "b" so that jonesbob @hotmail .com also gets spam. They also hit BobJones1@, Bobjones2 @ etc. etc. This is why you can open a new e-mail account at someplace, tell no one of its existence, and still get spam.

Third class postal mailers (junk mail or "spam-in-an-envelope") consider a one or two percent response rate to be a success. Spammers don't need to stuff envelopes or buy stamps, so a response rate of one in a thousand or one in ten thousand can be a good response rate for them. On the one hand, this means that thousands of people will be inconvenienced for every customer that the spammer gets, on the other hand, this means that it would be impossible for the spammer to hand-address each piece of e-mail he sends out. This is the spammers' Achilles heel.

It is our weapon against spam: in order to send spam to a Bourbon e-mail address, you have to do the addressing by hand. Impossible? No. Impractical? Definitely!

Here is what happens to that middle neither-friend-nor-foe e-mail: it gets returned to the sender with the following message:

NOTICE

This e-mail address does NOT accept messages from unknown sources. We do not want to see commercial announcements, product offerings, financial advice, home-based business schemes, Nigerian invitations to participate in money laundrying, or similar items. If you are not one of the above and you have something of importance to send us, then you can send a ONE-TIME message by following the instructions below.

INSTRUCTIONS

Step One
Use your cut icon to capture the code below:

WErHT5679-Yr45397-Th567432-0984865-ABqrtz23-001

Step Two
Use your mail forwarding icon to send this mail back to us.

Step Three
Delete everything in the subject line, then paste the above code as the subject.

Step Four
Hit the send icon.

Note that this forwarding privilege will be valid for ONLY 48 HOURS from the time that we sent this mail back to you.

-end of instructions- [*]

Spammers who use e-mail databases or who use "dictionary" programs to generate e-mail will get huge amounts of "returned as undeliverable" mail. They expect this. That is why they use "disposable" e-mail boxes such as ones from Hotmail or Yahoo. Also, if you ever used your reply button to respond to a spammer, you most likely also got an "undeliverable" note in return because the spammer's box was swamped.

A real e-mailer, however, will not have this problems and will be able to take the steps specified in the above notice to contact you. If it is that aforementioned long-lost lady friend, she will put the code in the subject line and sent the mail back to you.

When that mail comes back, the Bourbon E-Mail Program will first check to see if the code in the subject line is still valid (the code matches one in your database and the mail has been sent within 48 hours;) if it is not, it kills the e-mail. If everything is okay, then the mail is forwarded to the second private box. (You will probably want to check box #1 frequently; box #2 can be checked on a periodic basis. Sending everything to a single private box will be an option; doing so will mix "primary" and "secondary" e-mail--it all depends on what you want and how much volume you have to deal with.) At the second box you will see a listing of the mail with this information:
a) the name (if provided) and return address of the sender,
b) the original subject line, and
c) the first three lines of the message.

By looking at this information before opening the entire e-mail, you will have a fairly clear idea of the mail's content and will be able to delete it if it is something you don't want to read. After all, a determined spammer--one with lots of time on his hands--could hand-address a letter to you. Given the rate of success of one sale for every ten thousand e-mails, it is not likely that a spammer will have the typing endurance to send you many offerings. Once you read the mail, you can then add the sender to the "whitelist," or to the "blacklist." If you do nothing, then future mail from that source will just be returned with the one-time access notice. This system will cut your spam to a trickle.

Logic tree for Bourbon E-mail

IF mail address matches any "Friends list" address
THEN forward mail to Private Box #1

ELSE

IF mail address matches any "Kill list" address
THEN delete mail

ELSE

IF mail subject = valid code
AND IF Time < TimeStampHour + 48
THEN forward mail to Private Box #2
AND get original subject line information from database
AND display at Private Box #2 sender's name and address and original subject line and first 240 characters of the e-mail
REM The code database consists of a field for the code (The code includes an individual identifier number for the recipient, plus a large randomly generated number, plus a check sum number)
a field for the time stamp with sub-fields for date hour minute second,
a field for the original subject line [**]

ELSE

IF mail address = valid code
AND IF Time > TimeStampHour + 48
THEN delete mail

ELSE

IF mail address does not = valid code
THEN generate subject code for mail
AND attach return message and code to mail
AND record TimeStamp plus SubjectCode plus the subject line information in database
AND forward mail back to sender address
AND delete mail

ELSE