Content-type: text/html Downes.ca ~ Stephen's Web ~ TidBITS Policy on Challenge-Response

Stephen Downes

Knowledge, Learning, Community
If you're thinking of using a challenge-response (C-R) system to CRLFblock spam, think again. The idea of C-R is that if an email CRLFcomes from an unrecognized source, the email is blocked until CRLFthe sender, in response to an email (the 'challenge') goes to a CRLFwebsite and answers a question only humans can answer (the CRLF'response'). This article identifies a number of C-R pitfalls. It CRLFleaves out the worst one, though: some C-R systems collect the CRLFsenders' email addresses that pass the challenge, and send CRLFthem spam. Anyhow. OLDaily Policy on CRLFChallenge-Response: OLDaily has already been hit by some CRLFC-R systems. I have sent the response, and gotten spam for my CRLFtroubles. And like the authors of this article, I have too many CRLFsubscribers to do this manually. And so, like most newsletter CRLFdistributors, I will simply delete C-R requests. Yes, spam is a CRLFpain. But breaking my nice subscription system isn't the way to CRLFfix it.

Today: 0 Total: 11 [Direct link] [Share]

Image from the website


Stephen Downes Stephen Downes, Casselman, Canada
stephen@downes.ca

Copyright 2024
Last Updated: Dec 23, 2024 11:32 a.m.

Canadian Flag Creative Commons License.

Force:yes