Challenge-response

System demanding sender confirmation before delivering email

Challenge-response is a system used to filter spam email by requesting confirmation from senders of unsolicited emails.

The sender is sent a mail requesting they take some action (such as clicking on a link and complete a CAPTCHA) to confirm that they sent the mail. If the sender does respond the system judges them to be a real person, rather than a spamming bot, and passes the mail on to the intended recipient, often adding the sender to a whitelist.

The system has been criticised for adding to the drain on network bandwidth caused by spam, as often spam will use a forged header with fake response details, so innocent people end up being 'spammed' by the challenge-response system, querying emails they never sent.

Poll

Should anti-virus software be free for personal use?

Leave a comment
View 43 comments

Virus Bulletin

In this month's magazine:

Co-operation is the only way
XXX racted
Your filters are bypassed: Rustock.C in the kernel
Family matters
The Ottawa rules
DriveSentry Desktop 3.1/3.2 & GoAnywhere 1.0.2/2.0
The problem of backscatter – part 3

Subscribe now!

Virus Bulletin currently has 144,137 registered users.

Fighting malware and spam

Challenge-response

Anti-malware

Anti-spyware

Anti-virus

Bayesian filter

Behaviour blocker

Blacklist

CAPTCHA

Content filtering

Demilitarized Zone

DKIM

Encryption

Firewall

Greylisting

Heuristics

Intrusion detection system

Intrusion prevention system

Layered defence

MAAWG

Markovian discrimination

OCR

On-access scanning

Patch

Patch Tuesday

Public Key Cryptography

Service pack

SPF

Spam filter

URL filtering

Walled garden

Whitelisting

See also

Glossary

Resources

Poll

Virus Bulletin