Even SPF won't work. I have a client who uses two services which forge senders from a pool of mail servers to claim they are coming from his domain. The continual stream of forwarded failure messages is annoying to both him and me. BUT, if they were doing this properly the SPF record permitting only the "real" mail server wouldn't be an issue.

You hit it right on the head.

If you can't be part of the solution, there's plenty of money to be made in prolonging the problem.

That's great, but bots don't make bots, people do and they can read too.

The best way of countering spam other than by SPF is not to tell anyone how you do it and just keep doing it.

Here's another idea... block all email that contains consonants. That wll also block 100% of (current) spam.

The only effective way to stop spam is SPF. However domainadmins are too lazy or ignorant to put SPF records in their DNS, so as of today we have only about 10% of total domains on board. Less than enough for effective spam fight.

But after all Spam is just like viruses - there is too much money in it to "fight" it for real.

great stuff until the template is automatically constantly changed enough to confound the anti-template etc....

Sounds promising.