The geek news channels have recently been full of articles about the recent MIT spam conference. The existence of such a conference is a pretty good indication of how serious the problem is. But I think the geeks are looking for a solution in the wrong place.
I think this problem needs a regulatory or legislative solution, not a technical one. I know that sounds scary to those, myself included, who normally abhor government’s attempts to censor and regulate the internet. But when you read articles like this one from Computerworld, describing the filter tactics necessary to fight the latest spammers’ techniques for tricking filters; and this one from the Washington Post describing the problems with existing spam filters, the complexity of the problem becomes apparent. A lot of people are optimistic about the potential of CRM114. I gotta love the name, borrowed from one of my all-time favorite movies, but needing something like this for email is pretty ridiculous. As a moderately computer-literate person, I have no desire to spend my life engaging in a battle of wits with spammers, constantly trying to stay one step ahead of them, and I think the average Gates-worshipper would be even less happy about it. And I certainly don’t want my ISP filtering my email based on criteria that I have no control over. As annoying as spam is, I don’t want some brainless filter throwing away messages that I might really want to see.
Instead, I want to be able to tell spammers to leave me alone, and have them required to honor that. I don’t really see this as a free-speech issue; their right to free speech doesn’t trump my right to privacy. In principle, I see no difference between a “no-spam” list of email addresses that spammers are forbidden to use, and the existing “no-call” telephone list that has cut my telemarketing nuisance calls to zero since it went into effect.
I realize that legislating the Internet is difficult. In addition to the objection that some people might have to the principle, the global nature of the ‘net could pose some jurisdictional problems. Can a US law control spam sent from a server in another country? I’m not sure, but I think that if as many brilliant minds considered this angle as are currently working on filters, something could be worked out. It has to be easier than filters based on Ph.D level research.