Great synopsis - I want to see the full paper on full publication.
Unfortunately, it is not a solution to the spam problem. Not even close.
Once you hit their sales site - it is a legitimate transaction - with the caveat that the product is what is advertised, etc.etc.
The problem is that you have to be able to conclusively show a trail leading from the agent that sent the spam back to the vendor. Otherwise the vendor cannot be held responsible in regards to the spam. They can easily say that they paid the third party to distribute the e-mails in a legal fashion, or claim not to have commissioned the e-mails to go out in the first place. Add in that you are dealing with the laws and regulations of multiple countries, some of which have a strong economic impetus to maintain the status quo and it is not going to go too far, too fast.
Besides which, product spamming makes up only a portion of the spam out there - phishing, spear-phishing, and other malicious e-mails have a very different funding path in terms of the bad guy getting paid; which would not necessarily be impacted by putting pressure on the identified financial institutions (and of course one can always find another bank willing to reap the rewards of such lucrative customers.)
Love the research.
I can't say the solution is particularly practical.
Unfortunately, it is not a solution to the spam problem. Not even close.
Once you hit their sales site - it is a legitimate transaction - with the caveat that the product is what is advertised, etc.etc.
The problem is that you have to be able to conclusively show a trail leading from the agent that sent the spam back to the vendor. Otherwise the vendor cannot be held responsible in regards to the spam. They can easily say that they paid the third party to distribute the e-mails in a legal fashion, or claim not to have commissioned the e-mails to go out in the first place. Add in that you are dealing with the laws and regulations of multiple countries, some of which have a strong economic impetus to maintain the status quo and it is not going to go too far, too fast.
Besides which, product spamming makes up only a portion of the spam out there - phishing, spear-phishing, and other malicious e-mails have a very different funding path in terms of the bad guy getting paid; which would not necessarily be impacted by putting pressure on the identified financial institutions (and of course one can always find another bank willing to reap the rewards of such lucrative customers.)
Love the research.
I can't say the solution is particularly practical.