Re: TMDA and other challenge-response systems considered harmful
Adam Aube wrote:
> Paul Johnson wrote:
>> Now for anybody else considering challenge-response email systems,
>> this is why they're considered harmful.
> How are they any more harmful than autoresponders or list subscription
> confirmations (like those used by the Debian lists)?
Subscription confirmations make sense because they help the mailing list
provide an automated confirmation of the email for reasons already
discussed. More importantly, they are oftentimes the direct and
somewhat expected result of your actions in attempting to reach a specific
In that light, Challenge Response (CR) systems are a very rude surprise no
matter how well you attempt to phrase it. The most damning thing about
them can be shown by this current email. I'm sending it to you
personally. I've never contacted you in the past, but we know each
other through association (debian-users). But if you have a CR system
in place, you will still reject my email and I will simply not bother to
fiddle around with the process. I am answering a question you asked and
to create an entry barrier is simply not going to be tolerated.
They are also a pain in the neck when you get a CR sent to a mailing list.
But most importantly, and this is from personal experience here, they
are not very useful. I played with a CR mechanism for a few months on
my own mail server and found that I was severely defeated by one simple
mechanism. The spammers would fire off their mail and auto-respond to
my CR. That created an entirely automated system to whitelist their
spam into my server.
The result was that there was a growing number of senders who gained
access through my CR system and then bombed the hell out of my servers
with hundreds to thousands of emails per day. Once discovered, they started
spawning "valid" email accounts against my system at a fantastic rate.
All of this caused my CR system to become worthless; it only served to
confirm the address and effectively whitelist their spam.
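The bypass described in the post above, as an added simulation that is not part of the original message and not the code of any real CR product: a constructed, naive challenge-response gate holds mail from unknown senders, sends back a challenge carrying a random token, and whitelists any sender whose reply quotes that token. A human correspondent who answers a question and ignores the challenge never gets through; a spam bot that auto-replies to every challenge is whitelisted after one round trip and its subsequent flood is delivered. All addresses, the CR-TOKEN marker and the message texts are invented for the example.

```python
import re
import secrets
from dataclasses import dataclass


@dataclass
class Mail:
    sender: str
    recipient: str
    subject: str
    body: str


class ChallengeResponseGate:
    """Naive CR gate of the kind described in the post (a constructed model,
    not any real CR product): mail from an unknown sender is held and a
    challenge carrying a random token is sent back; any reply from that
    sender quoting the token whitelists the sender for good."""

    TOKEN_RE = re.compile(r"CR-TOKEN:([0-9a-f]{16})")

    def __init__(self, owner: str):
        self.owner = owner
        self.whitelist: set[str] = set()
        self.pending: dict[str, tuple[str, Mail]] = {}  # token -> (sender, held mail)
        self.delivered: list[Mail] = []
        self.held: list[Mail] = []
        self.outbound: list[Mail] = []  # challenges the gate sends out

    def receive(self, mail: Mail) -> str:
        if mail.sender in self.whitelist:
            self.delivered.append(mail)
            return "delivered"
        # Is this a response to an outstanding challenge from the same sender?
        m = self.TOKEN_RE.search(mail.subject + "\n" + mail.body)
        if m and m.group(1) in self.pending:
            sender, original = self.pending[m.group(1)]
            if sender == mail.sender:
                del self.pending[m.group(1)]
                self.whitelist.add(sender)
                self.delivered.append(original)  # release the held mail
                return "whitelisted"
        # Unknown sender: hold the mail and send a challenge.
        token = secrets.token_hex(8)  # 16 hex chars, matches TOKEN_RE
        self.pending[token] = (mail.sender, mail)
        self.held.append(mail)
        self.outbound.append(Mail(self.owner, mail.sender,
                                  f"Please confirm your mail CR-TOKEN:{token}",
                                  "Reply to this message to have your mail delivered."))
        return "challenged"


class SpamBot:
    """Spam sender that answers every challenge it receives by echoing the
    token back, which is all the gate above needs to whitelist it."""

    def __init__(self, address: str):
        self.address = address

    def auto_reply(self, challenge: Mail) -> Mail:
        token = ChallengeResponseGate.TOKEN_RE.search(challenge.subject)
        quoted = token.group(0) if token else ""
        return Mail(self.address, challenge.sender, "Re: " + challenge.subject, quoted)


def simulate(spam_senders: int = 3, flood_per_sender: int = 100) -> dict:
    """Run the scenario from the post: one human who ignores the challenge,
    several bots that auto-respond and then flood. Returns the tallies."""
    gate = ChallengeResponseGate("owner@example.org")
    human = "human@example.net"
    # The human answers a question and never bothers with the challenge.
    gate.receive(Mail(human, gate.owner, "Re: your question", "Here is the answer."))
    for i in range(spam_senders):
        bot = SpamBot(f"bot{i}@spam.example")
        gate.receive(Mail(bot.address, gate.owner, "Cheap stuff", "buy now"))
        challenge = gate.outbound[-1]            # the gate just challenged the bot
        gate.receive(bot.auto_reply(challenge))  # bot echoes the token: whitelisted
        for n in range(flood_per_sender):        # the flood now sails through
            gate.receive(Mail(bot.address, gate.owner, f"offer #{n}", "buy now"))
    return {
        "human_delivered": sum(1 for m in gate.delivered if m.sender == human),
        "human_held": sum(1 for m in gate.held if m.sender == human),
        "spam_delivered": sum(1 for m in gate.delivered
                              if m.sender.endswith("@spam.example")),
        "whitelisted_spammers": sum(1 for s in gate.whitelist
                                    if s.endswith("@spam.example")),
    }


if __name__ == "__main__":
    print(simulate())
```

With three bots and a hundred follow-ups each, the gate delivers every spam message (the held original plus the flood, 303 in total) while the one legitimate reply sits in the hold queue forever. The random token buys nothing here: the gate only checks that a reply quotes it, and quoting it back is trivial to automate, which is exactly the "entirely automated system to whitelist their spam" the post describes.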