[SLL] [SLL} Re: Anti-spam methods
Dan Wilder
dhwilder at gmail.com
Mon Jul 30 12:56:19 PDT 2007
On Sun, Jul 29, 2007 at 03:09:39PM -0700, Glenn Stone wrote:
> On Sat, Jul 28, 2007 at 05:06:58PM -0400, Nicholas Bodley wrote:
> >
> >Fwiw, I just answered a challenge message sent as part of a routine online
> >business matter. The company didn't recognize my e-ddress, and provided a
> >link in its message body. Went there, and found a neat, concise window
> >that asked me to visually copy a number (not OCR obfuscated, either) to
> >authenticate my reply. Worked very nicely, so I thought I'd pass on the
> >company name.
>
> Challenge-response kinds of anti-spam don't work very well in corner cases.
> Consider the case of two people attempting to exchange email, each of which
> has one of these critters configured. The first sender elicits a challenge,
> which runs into his own challenge-response mechanism... *boom*. Or, even
> simpler, the case of "I need help, I'm getting on an airplane and I need an
> answer by the time I land..."
>
> Bad juju.
>
> On the other hand, I have found greylisting, which is almost but not quite a
> challenge-response mechanism which is *built into SMTP*, to be quite
> effective. Most well-behaved MTA software will retry just after the
> greylist timeout, or, if not, within an hour...
Or after 4 hours or after 8 hours ...
Works OK if your mail is not time critical, and if none of it comes from
people operating clueless MTAs that don't understand retry. I believe
there may still be some of those.
--
Dan Wilder <dhwilder at gmail.com>
More information about the linux-list
mailing list