Welcome to WebmasterWorld Guest from 184.108.40.206
Forum Moderators: phranque
I think this is a good idea, especially since it takes the burden off of my mail server (running anti-spam software) and puts it on the spammer's server. What do you think of it?
So everybody else would have to invest an effort to help you filter your spam.
All legitimate mail users together have to invest efforts to stop spam. That is not the same thing as other people helping you decide whether a message you receive is spam or not. After all, those people's definition of spam may well differ from yours.
the burden of proof would fall on the sender
First of all, the automatic solution of some computational task doesn't prove anything. Spammers already hijack and use other people's machines (spambots) to do the work for them. It would be trivial for them to update their software for this. The only current bottleneck of those spambots is network bandwidth, with almost no CPU use. Adding some computation to the mix is very unlikely to slow them down at all.
What makes it an outright bad idea (beyond just not working) is the challenge/response concept. There are already systems out there that force the sender to eg. click a link before his message is delivered to a specific address for the first time. People who use something like this will not receive any mail from me (and from many other people). They expect me to maintain their spam filters for them, which I consider extremely rude.
The only long term solution is in actual sender authentication. The only workable (even if still somewhat imperfect) solution to this is currently SPF. Use that, and the amount of spam you receive will be drastically reduced. As an additional benefit, even other people will receive less spam, because spammers can't use your domain anymore in their fake From: headers.