Challenge Response Spam Filter
For good or evil?
The challenge-response spam-filter troubles me lately. If you don’t know it, here is how it works if both parties have a challenge-response spam-filter:
- I write an email to someone@domain
- The address gets whitelisted on my machine
- The receiver doesn’t get my message
- I get a message from the receivers mail-server to which I should reply
- I reply to the automatic message
- The receivers mail-server whitelists my address and delivers my initial mail
So far so good. Three questions pop up:
- What if the spammer uses my whitelisted email address to send his spam?
- What if only one of the two has a challenge-response spam-filter?
- What if spammers start to automatically reply to those messages?
