challenge-response system
A challenge-response system is a program that replies to an e-mail message from an unknown sender by subjecting the sender to a test (called a
CAPTCHA) designed to differentiate humans from automated senders. The system ensures that messages from people can get through and the automated mass mailings of spammers will be rejected. Once a sender has passed the test, the sender is added to the recipient's
whitelist
of permitted senders that won't have to prove themselves each time they send a message.
Challenge-response systems take a number of different approaches to the task of separating humans from machines. Typically, when a message is received, the system sends a reply that includes a URL linking the user to a Web site. At the Web site, the user is asked to perform some task that, while easy for a human, is beyond the capabilities of an automated spamming program. The system might ask the answer to a simple question, for example, or require the user to copy distorted letters or numbers displayed in an image.
Companies that provide free e-mail accounts often use a challenge-response system to ensure that their accounts aren't given out to spammer's programs. According to Carnegie Mellon's CAPTCHA Project, computerized programs can create thousands of new e-mail accounts per second, each of which can be used to send out reams of spam.
This was last updated in February 2004
Dig Deeper
-
Adobe Reader X uses Microsoft's sandboxing technology to block potentially dangerous processes from executing beyond the confines of the software.
-
Microsoft repaired four vulnerabilities in its Forefront Unified Access Gateway and a critical flaw in Microsoft Office.
-
Download the entire October 2010 issue of Information Security magazine here in PDF format.
-
People who read this also read...
-
Resources from around the Web