Re: not everyone is happy with SA

Thu, 19 Jul 2007 16:58:14 -0700 

jdow wrote:

From: "John Rudd" <[EMAIL PROTECTED]>





If you return a 5xx error, what is to prevent the spammer from 
clicking to release? CAPTCHA?



I'm actually not concerned about that.  While that is a quality issue 
for the user of the C/R system, it isn't something that pollutes the net.


THAT is where we disagree. C/R pollutes the net. There is no question
about it. It is the effort of a weak mind to defend itself from knowledge
as well as spam.




You misunderstood my point.  I'm not saying C/R doesn't pollute the net. 
  I said the exact release mechanism isn't something I'm concerned 
about.  It is not an extra set of net pollution, above and beyond the 
basic C/R system.



Also, the mentioned C/R system is at least less polluting than other C/R 
mechanisms: it's rejecting instead of bouncing, so messages from direct 
spam sending bots will just disappear instead of being backscattered. 
Normal C/R systems would cause backscatter from those same messages.



But, as I pointed out, and as you agreed with me, it still has at least 
2 features that remain unacceptable (and as the person who mentioned it 
said, he doesn't know if the 3rd one is a problem in that implementation 
or not; so it might be 3 features that remain unacceptable).




What if this system was in widespread use? It could be a serious 
single point of failure.



Again, that's a quality issue for the user of the C/R system, not for 
the rest of us.  And, it's an implementation detail that might be 
solvable with clustered web servers and databases, so a large scale 
implementation might not have a single point of failure.



If you intend to email me Challenge/Response sets off a 



a) I believe there is supposed to be a comma after "me" ... otherwise 
the rant is a bit awkwardly worded.



b) I never said I plan to use C/R systems.  I don't like C/R systems.  I 
never said anything that comes close to saying that I like them or would 
use them.  You of all people I would expect to intelligently read a 
message instead of knee-jerking to a message which simply analyzes a 
newly presented C/R mechanism (and still points out its flaws), while 
dismissing some of its implementation details* as "not relevant to its 
non-users".



(* the captcha question, and the single point of failure question)























					Reply via email to