In theory, stopping spam is easy: just make it uneconomic to send millions of messages by charging for each one sent, or make senders authenticate their identity to stop address spoofing and simplify blocking.
In practice, that would involve building a secure, parallel email infrastructure linking electronic authentication with real-world identities: a daunting task. Yet that's just what Germany is about to do.
[ A recent report shows China is cleaning up its spam problem. | Master your security with InfoWorld's interactive Security iGuide. | Stay up to date on the latest security developments with InfoWorld's Security Central newsletter. ]
De-mail -- a play on the country-code abbreviation for Deutschland (Germany) and the word email -- is a government-backed service in which all messages will be encrypted and digitally signed so they cannot be intercepted or modified in transit. Businesses and individuals wanting to send or receive De-mail messages will have to prove their real-world identity and associate that with a new De-mail address from a government-approved service provider. The service will be enabled by a new law that the government expects will be in force by the end of this month. It will allow service providers to charge for sending messages if they wish.
Eliminating spam is not the primary purpose of De-mail -- in fact, service providers will be legally obliged to deliver every De-mail message, without blocking any, just as the postal service is not supposed to throw away your mail.
But the proportion of spam in De-mail is likely to be much lower than in regular Internet email, of which 77.6 percent was spam in January, according to Kaspersky Labs. That's because De-mail's requirement that senders identify themselves will make it riskier to promote fake pharmaceuticals and illegal pyramid investment schemes, while any charges to send messages will make spamming less profitable.
The identity requirement will also make it easy for recipients to filter and block unwanted De-mail messages -- there is no legal obligation to read them, after all. Filtering is also possible with regular Internet email, but less reliable because of the possibility of address spoofing.
Messages sent through the De-mail service will have the same legal protection and status as paper mail, making it possible to send the equivalent of recorded delivery mail and obtain a legally valid receipt.
On the technical side, De-mail will use existing Internet standards, carrying messages over encrypted connections between dedicated SMTP (Simple Mail Transfer Protocol) servers that only communicate among themselves, isolated from regular Internet mail servers. The law will require De-mail service providers to comply with strict technical specifications and to pass regular security audits.
Telecommunications operator Deutsche Telekom, corporate email provider Mentana Claimsoft and Internet service provider United Internet (owner of the brands GMX and 1&1) are promoting the future service at the Cebit trade show in Hanover, Germany, this week, as is the German Ministry of the Interior, backer of the scheme.
Deutsche Post, the German postal service, has also developed a De-mail service, according to Ministry sources, but Deutsche Post was showing only its ePostBrief secure webmail service, which is already on the market but is not interoperable with De-mail.