From: "Dave Pooser" <[EMAIL PROTECTED]>
That sounds like a very badly designed system. While I do not like C/R
systems so would never implement one, surely it is only common sense to
expect responses to emails which are sent out and therefore to accept
such responses without issuing a challenge.
I agree. But the proposed design didn't mention whitelisting the
recipients of your own outbound traffic. And there are C/R systems that
are deficient in this area.
Let me be more clear: I'm not proposing this system, merely describing one
I
encountered. My presumption is that the system whitelisted recipients of
outbound traffic and only applied this fakereject to messages that hit
some
sort of spam threshold, but I don't know for sure. (And I REALLY wish I
remembered where I encountered this system!)
If you return a 5xx error, what is to prevent the spammer from clicking
to release? CAPTCHA?
Yes, it used a CAPTCHA. And if we can design a system where sending spam
requires more effort from the spammer (reading the error message, browsing
to the site, reading the CAPTCHA, typing it in, and then clicking
"Release"
for each message) than clicking "delete" requires from the recipient, we
just won the spam war anyway.
Um, captcha? Then I'd doubly never respond to the abortion. It wasted
bandwidth on the captcha AND I CANNOT READ THE CAPTCHA IN PLAIN TEXT.
I use plain text for security reasons. If somebody is arrogant enough to
feed me a captcha I have to fill in before I can email with him he never
speaks to me. That is a triple massive insult, waste bandwidth, waste
my time, and force me to change to HTML mode before I can reply.
fsck'em.
{^_^}
