Spamhaus’ recent continuing issues help convince me that spam blacklisting on a global or huge scale is just not worth it. Right now there are lots of firms doing a million little workarounds and hacks to offer up services for safe email, secure email, spam-free email, etc. All of these are built on an insecure protocol and are almost all really bad approaches that will work for a few years and for a decent scale, but are not the approach that will last.
Spamhaus was forced to take a company off their blacklist and pay millions of dollars in compensation to a mass-mailing company that won a suit again them (so I read). I’ve seen the cost, firsthand, to a company that gets wrongfully blacklisted (or rightfully blacklisted), and it is just not pretty.
Instead of the workarounds and hacks, someone needs to make a better protocol or force more use of the secure versions of those protocols. Let’s face it, eventually all traffic is going to be encrypted or obfuscated in some fashion, even if it takes 50 years.
Better yet, adopt something new, like instant messaging over P2P or something similar. Email is surprisingly hanging on despite IM and texting and cell phone use. Will it really still be around in 15 years? I’m skeptical…