I understand why people sign up for services like Spam Arrest. I really do and I harbor no grudges against them. I don’t like spam. But I rarely go through the rigamarole required to verify myself when I send email to users of those kinds of systems. It’s a pain in the ass. Maybe I don’t have enough patience. As an individual, business owner and service provider I simply don’t have the time or the resources to do the verification.

Manual human verification systems are a bad way to fight spam. It’s too much of a burden on users and legitimate senders alike. It makes innocent people do all the work to keep other people’s mailboxes spam free. And what does it mean if a company manually (or through an automated captcha breaker) verifies itself? I guess I’m saying, use verification systems now if it helps you, but I wouldn’t buy any stock, and don’t expect to get all of your email. Spam prevention must be completely automated to be effective on a large scale.

What’s the solution? Google has a pretty good handle on it using a combination of algorithmic and community filtering. But it takes too long to flag brand new kinds of spam. I can identify spam, even new spam, with nearly 100% accuracy. Maybe sentient computers are the answer. (Ha ha!) (Google may have a handle on that, too.) Maybe Gmail will become Skynet. Hopefully I can train it to send reasonable replies on my behalf as well as filter spam (and not murder us all).

Update: Like he was reading my mind, Waxy just linked a guy who wrote some Javascript that breaks captchas: “weak captchas, but still impressive; the author explains why cracking reCAPTCHA is much harder, with more discussion on Reddit."