Germany identifies a secure way to deal with spam

By demanding real-world identification from senders, a new German mail system may stop spam

In theory, stopping spam is easy: just make it uneconomic to send millions of messages by charging for each one sent, or make senders authenticate their identity to stop address spoofing and simplify blocking.

In practice, that would involve building a secure, parallel e-mail infrastructure linking electronic authentication with real-world identities: a daunting task. Yet that's just what Germany is about to do.

De-mail -- a play on the country-code abbreviation for Deutschland (Germany) and the word e-mail -- is a government-backed service in which all messages will be encrypted and digitally signed so they cannot be intercepted or modified in transit. Businesses and individuals wanting to send or receive De-mail messages will have to prove their real-world identity and associate that with a new De-mail address from a government-approved service provider. The service will be enabled by a new law that the government expects will be in force by the end of this month. It will allow service providers to charge for sending messages if they wish.

Eliminating spam is not the primary purpose of De-mail -- in fact, service providers will be legally obliged to deliver every De-mail message, without blocking any, just as the postal service is not supposed to throw away your mail.

But the proportion of spam in De-mail is likely to be much lower than in regular Internet e-mail, of which 77.6 percent was spam in January, according to Kaspersky Labs. That's because De-mail's requirement that senders identify themselves will make it riskier to promote fake pharmaceuticals and illegal pyramid investment schemes, while any charges to send messages will make spamming less profitable.

The identity requirement will also make it easy for recipients to filter and block unwanted De-mail messages -- there is no legal obligation to read them, after all. Filtering is also possible with regular Internet e-mail, but less reliable because of the possibility of address spoofing.

Messages sent through the De-mail service will have the same legal protection and status as paper mail, making it possible to send the equivalent of recorded delivery mail and obtain a legally valid receipt.

On the technical side, De-mail will use existing Internet standards, carrying messages over encrypted connections between dedicated SMTP (Simple Mail Transfer Protocol) servers that only communicate among themselves, isolated from regular Internet mail servers. The law will require De-mail service providers to comply with strict technical specifications and to pass regular security audits.

Telecommunications operator Deutsche Telekom, corporate e-mail provider Mentana Claimsoft and Internet service provider United Internet (owner of the brands GMX and 1&1) are promoting the future service at the Cebit trade show in Hanover, Germany, this week, as is the German Ministry of the Interior, backer of the scheme.

Deutsche Post, the German postal service, has also developed a De-mail service, according to Ministry sources, but Deutsche Post was showing only its ePostBrief secure webmail service, which is already on the market but is not interoperable with De-mail.

None of the De-mail providers exhibiting at Cebit would say exactly how much they planned to charge for the service, although none of them expect the cost to exceed that of a paper letter, currently €0.55 ($US0.75) in Germany. But even at that price, De-mail senders would save by eliminating the cost of paper and printing -- or at least passing it on to recipients wishing to keep a physical copy of a document.

The secure nature of De-mail will allow banks and utilities to push out monthly statements or bills electronically, rather than on paper.

Customers can obtain the same documents from the websites of those organizations today, "but it's a pull process, they have to log in and download all this information," said Jens Mayer, De-mail project leader at Deutsche Telekom.

With De-mail, they'll be able to log in to a single site or service, the same one they use every day, to access bills and statements.

Deutsche Telekom's plan is that De-mail will be just another tab in the webmail interface for customers of its ISP subsidiary, T-Online: "Our philosophy is that De-mail should be as easy as e-mail," Mayer said.

Mentana Claimsoft, meanwhile, wants businesses and government organizations to use their existing Outlook clients and Exchange servers. The company has developed an Outlook plugin to flag authenticated incoming messages with a De-mail icon. Outgoing De-mail messages can go through Exchange too: Mentana Claimsoft will operate secure gateways into the De-mail system, although its customers will remain responsible for the authentication of their users and the security of their internal networks, said Nils Kiehne, an account manager and consultant with Mentana Claimsoft's GovMail division.

For now, De-mail usage will be restricted to German residents and businesses, but other countries could get involved. European Union competition laws require that Germany allow service providers from elsewhere in the E.U. to offer De-mail. And the legal frameworks for similar services elsewhere are starting to appear: only last month, France passed a law defining the technical framework for electronic registered mail.

Peter Sayer covers open source software, European intellectual property legislation and general technology breaking news for IDG News Service. Send comments and news tips to Peter at peter_sayer@idg.com.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags Internet-based applications and servicesantispamapplicationsDeutsche Post1&1 Internetinternetcebitsecuritye-mailMailAccess control and authenticationsoftwareencryptiondeutsche telekomdata protectionMentana-Claimsoft

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Peter Sayer

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?