There are lots of reasons why systems like Active SPAM Killer
(http://a-s-k.sourceforge.net/) are a bad idea, but here are the big two
and one you can disregard:
1) If you have sender and receiver behind this kind system, no mail will
ever get through (both sides wind up waiting for the response to the
authentication email). This is the most compelling argument. Of
course, some of us consider this to be a bonus.
2) This is a variant of the "backscatter spam" problem. The problem
occurs when you get forged return addresses. Since you can't count on
the return address, these systems can be used to DDoS an intermediate
party. This is the same reason why sanely configured mail systems no
longer send "Unable to deliver" messages in return.
3) I, personally, will blackhole any challenge/response mail domain the
moment I find out about it as it is a disaster waiting to happen. Of
course, I normally don't have to anymore as the challenge email is
almost universally caught by spam filters nowadays and thrown out.
Spammers were way ahead of the curve in making their spam look like a
challenge email in order to get through filters so most filters now dump
them into the trash.
-a
--
KPLUG-List@kernel-panic.org
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
