A temptation with challenge/response anti-spam systems
Every time I see a mail from a C/R system, I get more and more tempted to teach our mail filtering infrastructure about the most common ones, so that it can automatically acknowledge the challenges, discard the messages, and not bother the users with them at all.
Will this acknowledge a lot of spam, and thus dump it on the people operating those C/R systems? Sure, but that's not our problem. And I'd clearly be doing our users a service, especially if C/R systems get widespread.
(This is another example of how C/R systems try to work by offloading your spam problem on precisely the wrong people. The only way they can 'work' at all is if most of the mail addresses you challenge don't even exist; otherwise you are reaching either spammers or pissed off people, neither of which have your interests in mind.)
As a special bonus prize, I could even hack our system to do this even
for local addresses that don't actually exist, since it's perfectly
possible to automatically acknowledge the challenge and 5xx the DATA
command at the end of the SMTP conversation. I'd have to make sure that
this only happened for single-recipient email, but that describes all
of the C/R email I'd want to do this to.
(Ob-attribution-darnit: I've had this thought for a while, but the impetus to actually write this entry was provided by reading about a related temptation with C/R systems here.)
|
|