Antispam experts are warning that spammers have created a Trojan horse that can turn PCs into spam-sending zombies, churning out rivers of junk mail that appear to be coming from legitimate ISPs.

Steve Linford, director of U.K.-based SpamHaus, which compiles antispam blacklists, says the problem is tantamount to a coming e-mail apocalypse. He told ZDNet UK, "The e-mail infrastructure is beginning to fail. You'll see huge delays in e-mail and servers collapsing. It's the beginning of the e-mail meltdown."

Now, this is normally the point where I start snorting, shaking my head, and thinking, "Yeah, sure, and sunspots will take down the world's cellular infrastructure on Thursday, and a massive Russian mafia hacker attack will totally destroy the Net next week."

But here's the thing: I e-mailed my coworker, Robert Vamosi, author of the very well-respected Security Watch column you've often seen on these pages, commenting on the story and hoping he'd bring the spam terror alert back to normal. He didn't. In fact, he said, antispam company Postini reports that 88 percent of all e-mail traffic is spam (based on mail processed in January). And Postini officials maintain, along with Linford, that the federal Can Spam Act is at least partly to blame (if not completely) for a huge jump in the amount of spam coming from the United States, since it kindly provided legal justification for bulk e-mail sending as long as certain rules were followed.

Plus, in a gift-wrapped present to the Direct Marketing Association of America, the Can Spam Act requires you, the recipient, to opt out  of receiving spam, instead of opting in, which is the rule in some saner European countries. The result? A bunch of phony opt-out links that, in most cases, just serve to confirm your existence. At a recent geeky conference dinner, I asked a Postini employee whether antispam laws threatened the business of preventing spam. Resounding laughter ensued.

But you already know all this. You probably already know that filters aren't the answer. My husband operates an e-mail server that hosts our personal e-mail and the accounts of several of our friends and family. While our aggressive server-side spam filters (thank you, SpamAssassin) keep most (but not all, not by a long shot) spam out of our in-boxes, the act of filtering the river of mail has nearly crippled the poor machine. Here at the office, we've begged for tougher filters but been denied because more powerful filters can end up dumping legitimate mail in the trash, and bigwigs don't like having to dig through trash.

So, the answer? We're about to become a whitelist world. What good are blacklists when spammers can disguise their identities as easily as that chick from the X-Men ? And what other choice is there? I'd love to personally deliver an upside-the-head slap to anyone who's ever bought anything from an e-mail solicitation, but I have only so much arm strength. In the face of an army of untraceable, undefeatable zombies raining destruction on the world's e-mail servers, the only move left is retreat.

Whitelists are a pain in the posterior, don't get me wrong, but we can ease into them. We'll start with authenticated e-mail, à la Sendmail, in which every unknown sender must verify his or her address and existence. But the zombies will soon crack that, so you'll have to, pretty quickly, get a good list built up of e-mail you trust. Eventually, servers will have to parse only "true" or "false," rather than an increasingly long list of filtered words, images, languages, and attachments.

We could let the folks who want the spam get the spam, but I'd prefer it if every ISP instituted, within, say, two years, a mandatory whitelist policy. You don't approve the sender, the e-mail doesn't get through. End of story. Nice fantasy, anyway. We'll be ensconced in our ivory towers, enjoying the peace and quiet, refusing forwards from our crazy aunts, and complacently clicking away until the zombies rip the boards off the windows and find their way in. After that? I could learn to live without e-mail. As long as I still have my text messages. What's that? Spam there, too? OK, desert island it is.

You caught me. I have no good answer to the spam problem. Do you? Spell it out, friends!