In article <telecom24.333.3@telecom-digest.org>, Our Esteemed Editor
wrote:
> It is not okay to adopt a very simple challenge system in order to be
> assured that real human beings, no matter how whacky some of their
> ideas are reach the Digest but the spammers do not?
Challenge-response systems don't work, and only serve to annoy
innocent bystanders. The only challenges I've ever recieved were in
response to spam that had forged my return address. Of course, to
avoid future "challenge spam" from those domains in the future I
always responded in the positive, which renders them that much more
ineffective.
Any system that tries to rely on sender identity or content analysis
after accepting delivery from the sending system is not going to be
effective. It's bad enough when poorly configured mail systems try to
bounce messages to assumed sender addresses rather than rejecting them
before accepting delivery. Don't add another layer of abuse on top of
it. Just because you got spam is no reason to be sending email to me.
John Meissen jmeissen@aracnet.com
[TELECOM Digest Editor's Note: But I do the essence of challenge
response right now, as many other mailing list publishers do. You
(or some spammer or other idiot) writes to me. When it gets here if
Spam Assassin detirmines it to be spam it goes into one file. The
allegedly _legitimate_ letter writers get back an auto-ack from me,
but since Spam Assassin lets so much garbage through, a lot of
spammers get an auto-ack also.
Because of my personal experience with this for a few years now, the
auto-ack begins with the assumption you _are a spammer_ also. It asks
you to (1) remove this email address from your list. (2) It tells you
we are not interested at all ... (3) then it goes on to say "If you
were not the writer of what I received, then someone apparently took
control of your computer; please get help as needed in cleaning out
the viruses, etc.
Then after a couple paragraphs at least of addressing you as though
you are the spammer, or the idiot with the zombified computer, it
goes on to conclude (4) "for everyone else, good netizens who wrote
to me, your letter is being read and evaluated and readied for use
in the Digest. Thank you for writing me." Now, is the complaint I
make in (1),(2) and (3) too much of an imposition to read? I very
strongly support the work of http://www.bluesecurity.com and hope
all readers will at least review it and decide from there. PAT]