There's still friend-request spam on facebook, but not nearly as much as email because you can just ignore the people you don't know and block people you do know if they begin to spam you.

My initial thoughts are that you'd have a blacklist for servers as well as individuals. So if people mistakenly approve senders at around the same rate they mistakenly open spam emails then you'd only get through one time in ten thousand. If your local messaging provider realizes that 9999 out of ten thousand friend requests from a particular domain are denied, then they'd block the entire domain.

Since a friend request conveys little to no information beyond the fact that someone wants to communicate, they'd be unable to get their message out effectively. If one in ten thousand spam friend requests gets through by mistake and after the initial spam message one in ten thousand isn't immediately blocked, then the spammers would need to set up ten thousand domains, each sending out ten thousand messages to get through to one schmuck who might fall for it, and then they'd need 9999 new domains since all but one have been blacklisted. It would likely be enough of a deterrent to prevent most spammers from continuing, although there will always be some amount of spam.

At least I don't think most people would be likely to accept a friend request from IncreaseYourDickSize6969@nigeriamail.com -- but there may be more effective strategies for handling burner identities. How would you do it?