Perhaps you could synthesize the numbers in a way that the carriers will agree to? That it, sanitize out the competitive information, to produce something relevant only to spam control in the aggregate.
The numbers are a few years old, anecdotal (although at least they came from people inside the companies!), and not computed in the saw way. For instance, BigISP1 counted the time spent on customer service on spam-related topics plus sysop time plus connectivity costs, while BigISP2 only counted the latter two.
But, to be more relevant, let me say that all of the numbers were in millions of dollars.
To bludgeon the point a bit:
- Big ISPs and other mail service providers know how much spam is costing them.
- For some ISPs, the amount is in the millions of dollars.
- Even an expensive team of consultants could devise a trust-based or work-based protocol and shepherd it through the IETF for less than one tenth the annual cost for a single ISP.
Given the above, the reason that the people who are most financially hurt by the spam problem have not done anything about it from a protocol level is either that they are financially stupid or that their research into the solutions didn't result in a solution that would cost them more. I believe it is the latter. People outside those companies might have different opinions, but to say "if we invent a protocol that we think will work, they will use it" is nonsense.
--Paul Hoffman, Director --Internet Mail Consortium