I know that this proposal is kind of dangerous as it requires introspection of the users messages.
But how about this: After registration, the users is put on a surveillance list, for like a few days or weeks. She shall be notified about this, in the Terms of service and possibly by a system tool reminding about that (good location to link to OTR tools also). During that time, invitations are forced to have text, otherwise they're rejected by the server. Additionally, all text messages are scanned with a bayes filter, same for the invitation texts. If the filter alerts that it's possibly spam, it could highlight that for an operator, who can then manually investigate the account. If the account has been okay for a few weeks and produced a reasonable amount of traffic, it can be removed from surveillance. This is just a starting point; I am not an operator of an open server (I operate a private one where I know everyone having an account by face), nor do I have to deal with spam issues right now, except in my Inbox (where thunderbird does it's job just fine). I don't like that proposal too much myself, as it requires intruding the users privacy to a certain extent for a certain period of time. It's just what my mind came up putting all the pieces I've seen on mailinglists these days together. regards, Jonas
