On Wed, 6 Aug 2003 12:01:06 +0200 (CEST) Robert Vazan <[EMAIL PROTECTED]> wrote:
> On Wed, 6 Aug 2003 01:23:56 +0200 (Romance Daylight Time) Vadim Zeitlin > <[EMAIL PROTECTED]> wrote: > > On Sun, 3 Aug 2003 19:46:25 +0200 (CEST) Robert Vazan > > <[EMAIL PROTECTED]> wrote: > > > > > I am talking about that challenge/response spam filter I mentioned > > > when I first came here. > > > > I've just seen it in action after writing to you directly :-( > > Annoying. > Yes, but it filters *all* spam and loses *no* personal mail (in theory). In theory... What do you think will happen if the guy on the other hand also uses a challenge/response system, and none of you know each other? Foo sends you a message. You reply with a challenge. Foo's system sees this mail, and also replies with a challenge, that you ignore because Foo has not yet correcty answered your challenge... At best, none of the messages sent is actually read. And if you let directly in messages with a special header that says 'this is a challenge', spammers *will* send you messages with such headers... And what about the possibility for me to mail-bomb someone using a bunch of such auto-responders: I forge an email that looks like coming from Victim, and send it to a bunch of challenge protected addresses... > People do confirm autoresponses and I am willing to reply to messages sent > by other people's autoresponders. Why would you see them? -- Xavier Nodet "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." - Benjamin Franklin, 1759.
pgp00000.pgp
Description: PGP signature
