I know that John Levine reads this group and is also involved with the whole spam issue. Maybe he, and others, can provide some therapeutic responses for the following ramblings on solutions for email spam.
The email spam problem on my university email account (which is the only personal email account I have or ever want to have) is at this point really getting to me.
Despite pre-filtering by the best filters that Stanford IT can provide for its university servers, followed by further filtering by numerous filters I've created in my own Eudora POP client and years of training of Eudora's Junk filter, an ever-growing amount of egregious spam has been showing up in my IN box in recent months.
After looking at a lot of online discussions of this issue, I've come to believe that (a) searching for ever more intelligent recipient-end filtering methods to cope with every more ingenious spam attacks, or (b) waiting for global solutions to this problem to emerge from higher management levels in the Internet or from governmental agencies, are both equally hopeless endeavors.
Given this, I'm seriously thinking of a ruthless two-part response which will not depend on any actions by anyone else:
1) I'll discard any and all of these intelligent filtering techniques and convert to a ruthless "pure whitelist" filtering approach: nothing gets through to my IN box that doesn't come from a sending address that's already in my address book, or otherwise on my whitelist. (I do realize that this will still be vulnerable to some extent, but at least it's simple and straightforward).2) But at the same time, I'd still like to be reachable, at least once, by distant or unknown colleagues, students at distant universities, and other potential new correspondents who aren't already on my whitelist.
So, I'll also post prominently on my university web page a code phrase which, if put in the Subject: line of an email message or somewhere similar, will ensure that a email message will also get through to me. This code phrase will change from time to time, may be described in a way that will hinder robotic capture, may even be Captcha-protected. Pretty much anyone who wants to reach me (or whom I want to reach) is likely to know how to search for my personal or institutional web page to get my email address. If this technique of adding a code phrase on your web site or FaceBook page become a widespread email convention, it could go a long way to solving the "initial contact" problem for those of us who use whitelist filtering.
Reactions to this? Is there any better way?
[ Moderator Note: If you implement your 'whitelist only' approach, realize that Telecom Digest/comp.dcom.telecom readers will _not_ be able to send you responses to anything you post. Please consider including a way to let those messages in. :) ]