Easy? Maybe. But at least it would have verified the spammer's e-mail address/domain/IP in a world where 99.9999% of spam hides behind fake e-mail addresses and zombie machines. Like SPF is supposed to do.
With a whitelist based system of course the user has to manage their whitelist if they want to receive e-mail from notification systems. C/R is only one piece of a whitelist based system. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] And this would be very easy for the spammers to write mail systems to look for the challenge, and respond. The only ones that make it difficult for automated response are the ones with an image that has to be typed, but many of those cause problems for people with vision problems. And they break down when you use text only mail readers. What about some end-user type that signs up for legitimate email notifications. Who is supposed to check for the challenges from the EUs that don't remember to add the notification system to their white list? _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang