[Top] [All Lists]

Re: [Asrg] A CAPTCHA that automatically detects and neutralizes attacks.

2005-06-10 20:54:15

This is a readily addressable issue.  I previously stated that an email service 
provider could maintain a list of outgoing emails sent by each user.  Incoming 
challenges could then be filtered out if they did not correspond to the 
outgoing email.
If it was that simple to match up received e-mail to sent e-mail, everyone would be doing it already as a whitelisting mechanism. Unfortunately, there are things like mailing lists, aliases, people who use multiple e-mail service providers, and so on.


Asrg mailing list

<Prev in Thread] Current Thread [Next in Thread>