Has the war on spam been lost?

O’Reilly Radar has an article written by Dale Dougherty, a roundtable set of opinions on whether the war on spam can be won. Rafe Colburn also has his own response.

Rafe’s solution is to use GMail. In the Dougherty’s article, Paul Vixie mentions that the internet is going to become a “walled garden;” relying on proprietary technology provided from a single company is the same thing in my eyes. There’s no way I’m going to advocate a proprietary solution for something as important as my e-mail.

Eric Allman mentionsDKIM, which I think is an excellent weapon in the war on spam. I’m not using it however, as it doesn’t fit in with the way I use e-mail, andMUA(e-mail client) andMTA(e-mail SMTP server, essentially) is extremely sparse.

My unfortunately ineffective and impractical solution to this problem is use of PGP. Besides identity verification via digital signatures, it is also a generic platform for encrypted digital communication, and provides a distributed, robust trust model. Unfortunately, its learning curve is high, and that is why it’s basically been a failure for the past 10 yrs.

Though, lack of user education is why the spam problem keeps getting worse too. It’s users who click links in spam e-mail; it’s users who allow spammers to take over their machines through their negligence in applying security updates; it’s users (sometimes) who allow their identities to be stolen.