Challenge-response

System demanding sender confirmation before delivering email

Challenge-response is a system used to filter spam email by requesting confirmation from senders of unsolicited emails.

The sender is sent a mail requesting they take some action (such as clicking on a link and complete a CAPTCHA) to confirm that they sent the mail. If the sender does respond the system judges them to be a real person, rather than a spamming bot, and passes the mail on to the intended recipient, often adding the sender to a whitelist.

The system has been criticised for adding to the drain on network bandwidth caused by spam, as often spam will use a forged header with fake response details, so innocent people end up being 'spammed' by the challenge-response system, querying emails they never sent.

Poll

Do you use the same password(s) across multiple websites?
I use the same password for all sites
I have a number of passwords but use the same for some sites
I use a different password for each site
I don't sign up to any sites that require a password

Leave a comment
View 4 comments
Jobs Recruit Sidebar

Virus Bulletin

In this month's magazine:
  • Social networking meets social engineering
  • Flying solo
  • Geneva convention
  • 7th German Anti Spam Summit 2009
  • Anti-phishing landing page: turning a 404 into a teachable moment
  • An update on spamming botnets: are we losing the war?
  • Windows Server 2008 Standard Edition SP2 x86
Virus Bulletin 10 2009
Subscribe now!
Virus Bulletin currently has 190,841 registered users.