Challenge-Response Spam Blocking Challenges Patience - ' More on challenge' (
Page 2 of 2 )
-response...">
Challenge-response also got a lot of publicity last year when Walt Mossberg of the Wall Street Journal gushed all over ChoiceMail from DigiPortal Software. I do have to sympathize with Mossberg; I get a lot of email and a lot of spam, but he must really get pounded and he needs to do something about it.
But, typical of challenge-response (also known as "permission-based") mail advocates, he overstates the benefits and ignores the major problem. The biggest problem is that automated emails will not get through unless you manually add them to the whitelist. This alone will be confusing for a lot of users, if not for Mossberg or myself. But if you miss one and it sends you mail you wont know that it didnt get through. The permission form sent to the sender will be ignored so the user, as per design, wont know that an email was ever sent. Im also reasonably sure that some users will look at the permission form and either not know what to make of it (no matter how well its written) or suspect that its some sort of scam.
I dont want to excuse people behaving irrationally, but people do get irrational about their email. The end result of these problems is that you wont get some of the email for you that you wanted to receive, but you wont know it got stopped dead by your filtering software. True, with most products you can check the "pending" folder, or whatever the vendor calls it, but right there you lose the value of the product. If you have to check your spam for real mail, you may as well check it in the inbox.
When we tested Matador we ended up wishing it let us sign off on all the challenges, because a couple users sent confused and/or annoyed responses to them. Ironically, of course, having to check every message is the problems you want to solve with spam-blocking software, so thats no solution at all.
And theres one problem that challenge response, and whitelisting in general, has: Ive received a lot of spam where the from: address was the same as the to: address, in other words my own address. Surely one has to whitelist oneself so that one can cc: oneself, and for other special cases (like emailing this story to yourself from the web page). In this case, ChoiceMail special-cases your own address, allowing mail from your own address if it was sent through the same server. This works great if youre ccing yourself, but not necessarily if youre sending an article to yourself or logging in through your ISPs web-based mail system.
Ive had users of almost every spam-blocking product email me to say how it works great for them, asking how could I have had all these problems. Im definitely not a typical user, but I am adamant that I get all the legitimate mail intended for me.
Messaging & Collaboration 
