Greg Tingle of Media Man Australia recently asked me, “Do you think that white lists are the answer to spam?”.
I’ve already said that challenge-response email systems aren’t a good solution. White lists in general don’t work, because they assume the only people you want to hear from are the people you already know.
White lists are a bad approach, but fortunately they’re not the only tool. I’ve become convinced that we need multiple solutions to spam; criminal law, civil law, blacklists, voluntary industry standards, Bayesian filters, filtering and tagging by the ISP, local filtering by the user, and other approaches. Used in the context of these other approaches, even white lists can be used to ensure against false positives. That way, if your best friend figures out a way to make money smuggling Viagra out of Nigeria, you won’t miss out.
One single solution isn’t going to work. The idea that there is a single solution allows everyone to say, “The solution is over there, not here.”
Very true, we need to attack spam on many levels or else nothing will happen. But you forgot to mention going after the spammers themselves. 🙂
I already suggested civil and criminal law. I did stop short of DOS attacks or publishing the telephone numbers.