FR version is available. Content is displayed in original English for accuracy.
The one thing AI reliably does is generate noise. Half the tools I see launch are just machines for producing more noise across more channels. And people are starting to see this in the form of emails in their inboxes as spam filters are struggling.
There used to be a useful signal in email: the effort a sender put into customizing a message was a rough proxy for how relevant it actually was. AI killed that. Now it's customized slop with the appearance of effort with none of the cost. It is painful that the open internet / open channels have been abused like this.
Captchainbox applies the idea of proof-of-work to email. If a sender is willing to do a bit of work to reach you, the message is more likely to be worth your time and the sender more likely to be real. The work is a traditional captcha. You can also set a pay-to-deliver amount if you want more friction. The proceeds of the delivery payment after transaction costs go to the Internet Archive and the EFF. The tool currently works by authing with your Gmail or Outlook and during launch time I make this completely free as a lifetime deal (with optional payment if you wanna support).
How it works: Captchainbox builds a whitelist automatically from the metadata of your past correspondence. If you've emailed an individual address, that sender can reach you. If you talk to several people at the same domain, we whitelist the whole domain. If one transactional-looking sender has sent you more than 10 emails, we treat it as a transactional domain and let it through. This whitelist is for you to change whenever you want. It continues to build organically as you converse with more addresses.
Incoming mail is checked against that whitelist. Senders already on it land in your inbox as normal. Anyone else gets archived (never deleted) and is sent a challenge. This can be the captcha or the payment link. Once they solve it, their email is pulled out of the archive and put back into your inbox.
if you want to see what this looks like from a sender's point of view, send me an email here: doerpfelix15@gmail.com
The service only ever reads metadata, never message content. And since nothing is ever deleted, you can't lose a message. There is a legitimate risk / downside: if you sign up to a new service, these emails also land in the archive. Since we do not process the content, a first-time sender who can't solve the challenge (say an automated activation email) will sit in your archive until you spot it.
Happy to answer anything! :)

Discussion (59 Comments)Read Original on HackerNews
A few years ago I emailed a local freelancer I'd met in person, because I had a client asking for coding (which was more his bag than mine). I got an automated response that he was using something like this, with a link to some third party service to fill out a form and click a captcha if I wanted him to see my email.
Why would I? I just told the client sorry, I don't know anyone.
The lost deposits would then be used to pay for the infrastructure.
do you have a take on how one could upp the relevancy of emails so that people can actually manage their inbound? Or any other open channel that is getting flooded, for that matter?
Yikes, that's sounds unworkable for a lot of people! Most people in here are techies and use email all the time, but some use cases (say, contractors who are mostly out in jobs) people might only sit down in front of emails properly once a week. 70 emails is a mammoth waste.of resources to have flooding your inbox in that kind of context.
Good spam filters should be enough to get rid of spam without annoying people who email you.
Miserable lot that serves no purpose in life.
Every now and then update the contacts with key emails that might have been lost.
Working quite fine since 2000's.
- Nobody gets into my inbox unless whitelisted address. Instead of fighting spam and blacklisting, I know my inbox is always from someone I want to hear from.
- Every other email goes through spam assassin (which is getting worse) and then into a folder called Transactional (and if it makes a mistake, I add to the whitelist)
- I have another folder SpamAssassin where I move spam, and it gets pushed back through sa-learn
- Finally, I have a cronjob that goes through the email in Transaction and looks for subjects, senders, sending domains or to addresses that have a) been received at least 5 times and b) are only in the spam folder.
So kind of the same idea as you. But I think I'd feel really pretentious using this system and assume that quite a lot of people just rolled their eyes and ignored the rejection.
Would you feel this would be more helpful if the tool just silently manages the emails and does not send any replies to the original sender then?
Counterpoint: if you think you need to pay for my attention, that's a negative signal for what you're asking me. If I'm giving 10 vendors a shot at my business, I'm not going to pay money for the right to give you that opportunity?
On the other side, the only person paying $5 to ask me something is probably someone getting a lot of no's elsewhere. That, or what I offer is so valuable that people are willing to pay for it. But that's not most people.
Of the 20% of mail that is useful to me, it's still pretty much all just from corporations who have decided to send me a physical letter even though they have my e-mail - e.g. the water company sends me some brochure to somehow justify how much money they're charging by breaking down what they spend all their money on etc...
I get almost zero "real" mail from actual people nowadays. Now it costs £1.80 to post something first class and 91p second class, real mail is basically limited to birthday and Christmas cards. I myself send so few letters, than I still have a couple of stamps in my wallet that I technically bought 6 years ago when they cost 35% the current price (although they were replaced with barcode versions by sending them in to Royal Mail).
I know the situation here in Germany kinda sucks for non-incorporated founders (or simply any website administrator trying to commercialize anything [0]), but gating imprint/Impressum behind a login wall makes it not legally compliant. It needs to be easily accessible from anywhere (that’s why most people place it in the footer), without auth or signup; and if you put it behind either Outlook or Gmail logins, you may as well just not include it at all (realistically, who’s gonna complain if you don’t include “made in Germany”).
All the best for your project, though!
[0]: Personally I’ve given up and just include my name and address on the public web in projects now, which I guess is what the federal government wanted to achieve.
By the way, I never got a chance to thank you: The fireside you held at CDTM InnoLabs (I believe early 2024 was when I attended?) completely changed my thinking on direct air capture/DACCS and, to be frank, on carbon credits in general. Thanks!
This feels like a cool modern iteration of it.
[0]: https://en.wikipedia.org/wiki/Hashcash
Most tech companies I've seen gate and filter customer support on web not email, then only sales and external interfacing employees need external emails and the bigger problem is phishing not spam.
For my personal email I would never use this, because I myself would never solve a captcha to reach someone's inbox and I can't expect different from others.
The bit I don't understand, is what about where you need the automated-stuff-to-human, like, authenticating a new account? Would this just block those types of emails? Is the expectation if you used this, that you'd have seperate emails for contacting people vs accessing online services?
if you sign up to a new service you would have to look into your archive for the sign up email.
Sorry if it's obvious but it didn't make sense to me!
That makes sense now, you could also try something that gumroad does
"name a fair price" and let the user select or slide!
As others have said, a lot of the useful emails I get are still ones where the sender probably wouldn't have paid to send them. IM2000's fairly old-school-yet-elegant approach would probably lead to a better outcome too.
[1]: http://cr.yp.to/im2000.html
I think this concept would work if taken a step further, with a new protocol that requires encryption, but only with a key provided by a block chain that cost some nonzero amount. the email server would drop message payloads whose hash wasn't on the chain, limiting DoS attacks.
When the recipient reads the mail, it starts a process of refunding that micro payment that is a 4h cycle that can be interrupted. So if you click "spam", it blocks the refund and you keep the micro payment. Anyone sending bulk emails would go bankrupt.
Anyone using email for normal purposes would only have to buy once to have enough tokens to send a few emails. Most of the time tokens would only be used inside the system, but they would need some monetary value to do their job, so they could be pegged at say $0.10.