Hello, there is a standardized reply form out there for these sorts of
things, but I couldn't find it right away.
Anyway, I see several problems with this:
- the sub-address doesn't add anything, it's no different than making up a
new email address
- without using this system, you can already set up an autoresponder on old
addresses to let people know where to find you
- I don't like that you're supposed to spam everyone you know and they're
supposed to immediately drop everything and go change you in their address
book (and this expects that grandmothers that are just getting the hang of
their AOL will be able to figure this out or even understand what this all
means).
- white listing is nothing new
- challenge/response is nothing new
- if you want to not burden your friends with an initial challenge..
instead of spamming them to change the email address they have for you
(still a burden) then why not add everyone in your address book to the
"already passed the challenge procedure" list ?
- CAPTCHA assumes everyone using this system speaks English.
- As soon as a spammer starts getting CAPTCHA responses, they will fire
these off to a sweatshop in China or India to have them solved, then they
will have live, valid e-mail address, with complete sub-address, that they
can now sell to other spammers at a premium.
- Nobody's going to upgrade their own SMTP servers to process bounces from
every anti-spam system out there.
So, this is just plain old challenge response, with a CAPTCHA (the actual
mechanism of the CAPTCHA is irrelevant), with the added bonus of spamming
all your friends on a regular basis and expecting them to perform extra
work to keep up with your latest e-mail address.
Let's say I send out 2 inquiries to sales departments about buying
something. If one of them sent back this CAPTCHA thing, I probably
wouldn't even bother jumping through all the hoops, I'd just go buy from
the other place. The moral of this story is, this system can't be used by
anyone who places any sort of value on receiving email from non-spammers.
- Matt
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg