Russ Allbery wrote: >How many people who are active and have been active for some time on the >Internet are still putting e-mail addresses on web pages and then reading >them with no spam filtering whatsoever, just looking through the inbox and >deleting what isn't wanted? I do, and I don't think I've ever had a false positive. I get 5 to 10 spam messages per day, though this is increasing. Professionally, I'm currently developing a Bayesian spam filter. My intention is to eventually apply such a system to my private mail. The results I've had so far are enough to almost entirely solve my spam problem for the next couple of years: it currently stops 98% of spam in tests, and gets false positives only on messages that look a lot like spam to me. I also know I can still improve the filter a long way, a lot faster than the spammers can learn to dodge such filters. With Bayesian filters being this effective, I'm not worried about spam in the immediate future. Proper application of filtering keeps us inherently one step ahead of the spammers in the arms race -- they have to do something *completely* unlike what they've done before in order to fool us. For this reason, I'm opposed to those anti-spam measures that reduce the email network's tolerance for unsolicited or anonymous messages. I've seen rather too many proposals that would destroy the openness of the email system in order to make spam more difficult -- and most of them would disproportionately hurt legitimate email, putting up barriers that spammers would easily bypass. Whether the receiving-end filtering approach is viable in the long term is debateable. When 99.9% of email is spam, the filtering world will look very different. Perhaps at that point it'll be infeasible to continue allowing unsolicited email at all. -zefram