[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Asrg] Turing Test ...



<SNIP>
If someone sends an email they should accept a reply from the same person
without this type of performance. Equally nobody should ever be asked to
respond to a challenge the second or third time they send a message to the
same person.




I agree.  In fact, I believe that the problem here rests less with the 
challenge / response system and more with the way the whitelist is managed.



A properly designed system would have IMHO added you to the whitelist the 
moment that the student you mentioned sent you a message.  If you are good 
enough to communicate with (i.e., you can infer that you are not a spammer 
because he sent you a message) then you should be automatically whitelisted.



Some of the difficulties to the challenge / response system is that it is 
not standardized and currently requires a separate e-mail from you with 
something that identifies you as a person rather than a machine.  I believe 
that it would be much easier if there were a standard for this sort of 
thing and then the challenge / response could be built directly into the 
e-mail client.  In fact, I do not believe it would need be harder for the 
end user than filling out any of the other header lines such as the e-mail 
address, subject, BCC, etc.



If there were a standard way to do this sort of thing, even while you were 
composing the message, your e-mail client could download the challenge 
graphic and display it in your message composer.  Then you would simply 
fill out the response to the challenge graphic in a text window -- just the 
same way as you would with the e-mail address or other fields.  It doesn't 
have to be hard the way that some of these challenge / response systems 
are.  They are difficult partly because they aren't built into everybody's 
mail clients and so a lot of the shortcuts that can be managed through the 
client aren't able to be taken advantage of.



One of the things I am noticing on this list is that there are a number of 
ways that we can solve this problem.  However, there seems to be resistance 
to solving the problem simply because it makes e-mail more complicated in 
some way.   However, it is this very ease that has gotten us in to the 
problem that we are in.  The current system worked best when the people who 
were on the net were reasonably trustworthy as they worked for the 
Department of Defense, schools, or large companies -- all of which 
typically were able to get rid of the loonies.  Now, we have the opposite 
situation where the loonies are trying to run the show.



I have to wonder, what is easier filling out a challenge / response dialog 
in your e-mail client for the several messages that you send per-day to 
people who you have never e-mailed before (all the other people you have 
communicated with have whitelisted you automatically) or throwing out 70+ 
spam messages a day.



No matter what solution we end up choosing, it is going to be more 
inconvenient than is currently the case.



-Art



--

Art Pollard

http://www.lextek.com/

Suppliers of High Performance Text Retrieval Engines.



_______________________________________________

Asrg mailing list

Asrg@ietf.org

https://www1.ietf.org/mailman/listinfo/asrg