ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [Asrg] Turing Test ...

2003-04-02 22:36:18
from [Art Pollard] [Permanent Link] 


<SNIP>
If someone sends an email they should accept a reply from the same person
without this type of performance. Equally nobody should ever be asked to
respond to a challenge the second or third time they send a message to the
same person.
I agree. In fact, I believe that the problem here rests less with the challenge / response system and more with the way the whitelist is managed.
A properly designed system would have IMHO added you to the whitelist the moment that the student you mentioned sent you a message. If you are good enough to communicate with (i.e., you can infer that you are not a spammer because he sent you a message) then you should be automatically whitelisted.
Some of the difficulties to the challenge / response system is that it is not standardized and currently requires a separate e-mail from you with something that identifies you as a person rather than a machine. I believe that it would be much easier if there were a standard for this sort of thing and then the challenge / response could be built directly into the e-mail client. In fact, I do not believe it would need be harder for the end user than filling out any of the other header lines such as the e-mail address, subject, BCC, etc.
If there were a standard way to do this sort of thing, even while you were composing the message, your e-mail client could download the challenge graphic and display it in your message composer. Then you would simply fill out the response to the challenge graphic in a text window -- just the same way as you would with the e-mail address or other fields. It doesn't have to be hard the way that some of these challenge / response systems are. They are difficult partly because they aren't built into everybody's mail clients and so a lot of the shortcuts that can be managed through the client aren't able to be taken advantage of.
One of the things I am noticing on this list is that there are a number of ways that we can solve this problem. However, there seems to be resistance to solving the problem simply because it makes e-mail more complicated in some way. However, it is this very ease that has gotten us in to the problem that we are in. The current system worked best when the people who were on the net were reasonably trustworthy as they worked for the Department of Defense, schools, or large companies -- all of which typically were able to get rid of the loonies. Now, we have the opposite situation where the loonies are trying to run the show.
I have to wonder, what is easier filling out a challenge / response dialog in your e-mail client for the several messages that you send per-day to people who you have never e-mailed before (all the other people you have communicated with have whitelisted you automatically) or throwing out 70+ spam messages a day.
No matter what solution we end up choosing, it is going to be more inconvenient than is currently the case. 

-Art

--
Art Pollard
http://www.lextek.com/
Suppliers of High Performance Text Retrieval Engines.

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] Turing Test ..., Claus Assmann
Next by Date:  Re: [Asrg] Turing Test ..., Art Pollard
Previous by Thread:  RE: [Asrg] Turing Test ..., Hallam-Baker, Phillip
Next by Thread:  Re: [Asrg] Turing Test ..., J C Lawrence
Indexes:  [Date] [Thread] [Top] [All Lists]