Library - Challenge/Response schemes (a.k.a., C/R systems)
C/R schemes are, in effect, outsourced automated whitelisting schemes that are incorrectly promoted as a solution to the spam problem. C/R schemes are typically viewed as "spam amplifiers" among spam-fighters because new messages are automatically generated and then relayed to a possibly forged sender, which actually assist spammers in abusing their victims through a third party when the sender eMail address is a forgery (forgery is a common spammer tactic).
The main problems with C/R schemes are:
- Delegation of the recipient's consent to unknown third parties
- Messages that would typically be classified as spam (junk eMail) lose that classification because the recipient authorized the sender to provide consent for them: After consent is granted in response to a C/R challenge, all messages from that sender address are delivered as "legitimate" (not spam), thus any spam reports by the recipient would be fraudulent (see "consent" under the definition of "spam").
What this means is that users of C/R schemes who claim that they get absolutely no spam are correct because all messages have that element of consent.
- Off-loading costs
- Although a C/R scheme may seem convenient to a recipient, it actually creates an inconvenience for everyone else, especially if the sender is a legitimate eMail list (where each C/R challenge is forwarded to every list subscriber).
Expecting senders to follow additional steps to communicate with someone is a time-consuming inconvenience that interferes with usability and productivity, and further discourages the use of eMail. Additionally, senders may find the C/R challenge request confusing, and just delete it (assuming that eMail will continue to function as expected), without understanding that the delivery of their message was prevented.
- Spam amplifiers
- Since spammers routinely forge sender addresses when sending their junk, and because C/R challenges are normally sent to the sender address (regardless of whether it's a forgery), victims of forgery committed by spammers will receive these challenge eMails. This places additional burden on innocent users by wasting their valuable time and system resources.
The practice of sending automated delivery notices to senders in this manner was abandoned in the mid-to-late 1990s because viruses, in addition to spammers, became well known for using forgery tactics, yet unfortunately C/R schemes rely heavily on this outdated approach.
- Spam relays
- A typical C/R scheme can be abused by spammers to deliver messages where the initial eMail is crafted with the forged "from:" address of their victim. Along with the challenge that is relayed by the C/R scheme to the spammer's victim, the spammer's message (or a portion) is also included in some manner, thus facilitating the spammer's message delivery needs.
(Thanks to D. Stussy for initially describing this problem, c. 2003.)
- Language barriers
- There is no reliable method of determining which language to use for the challenge instructions; Each user's eMail system usually provides an explanation, in their native language, of the internationally standardized non-delivery error code numbers.
- Privacy concerns
- When users realize that the third-party operator of their C/R scheme keeps permanent records of which eMail addresses are approved (a necessity for a C/R scheme to function), privacy concerns often arise.
To marketers, criminals, lawyers with court orders, private investigators, and various other parties, this collection of personal information can be useful, which is a valid reason for privacy advocates to raise concerns.
- Deadlocks between C/R challenges
- For two users depending on C/R schemes, a deadlock can occur between them when a C/R challenge is answered by a C/R challenge from the other user's system. A typical claim by C/R scheme advocates is that mechanisms can be put into place to resolve these deadlocks, but the problem is that spammers may be able to simulate such mechanisms to bypass or circumvent the C/R challenges altogether.
Normally, when two C/R challenges are deadlocked, both users are unable to receive eMail messages from each other until some form of manual intervention occurs (e.g., from their ISP) to temporarily override the system policies.