Challenge-response

System demanding sender confirmation before delivering email

Challenge-response is a system used to filter spam email by requesting confirmation from senders of unsolicited emails.

The sender is sent a mail requesting they take some action (such as clicking on a link and complete a CAPTCHA) to confirm that they sent the mail. If the sender does respond the system judges them to be a real person, rather than a spamming bot, and passes the mail on to the intended recipient, often adding the sender to a whitelist.

The system has been criticised for adding to the drain on network bandwidth caused by spam, as often spam will use a forged header with fake response details, so innocent people end up being 'spammed' by the challenge-response system, querying emails they never sent.

Glossary


	Similar entries Anti-malware Anti-spyware Anti-virus Bayesian filter Behaviour blocker Blacklist CAPTCHA Content filtering Demilitarized Zone DKIM DNSBL Encryption Firewall Greylisting Heuristics Intrusion detection system Intrusion prevention system Layered defence MAAWG Markovian discrimination OCR On-access scanning Patch Patch Tuesday Public Key Cryptography Service pack SPF Spam filter URL filtering Walled garden Whitelisting Opt-in Opt-out URIBL See also Glossary Resources

Quick Links

Poll

The Japanese government is reported to have commissioned a 'defensive virus'. Is 'defensive' malware ever a good idea?
Leave a comment
View 11 comments

Jobs


	In Virus Bulletin's jobs pages among others: Software Tester (m/f) Mac (Tettnang, Germany) Software Developer for Automation of Processes (Tettnang, Germany)

Virus Bulletin currently has 224,240 registered users.

Fighting malware and spam

Challenge-response

See also