Welcome to WebmasterWorld Guest from 184.108.40.206
Forum Moderators: phranque
I thought it was about an idea I've had, and it's about implementing a captcha on the smtp servers to receive email. Of course this have some cons.
It goes like this:
John Doe wants to send an email, he is using Outlook, Eudora or Thunderbird, whatever, all email clients should be prepared to handle the captcha request (First con).
When an email is sent the receiving server sends a capcha (a gif content-type) to the sending server, which in turns send it to the client and the client present it to the user. Then the user needs to decipher the captcha in a textbox, hit send, and it is send all the way back. Thus, confirming it is a human generated email, not automated.
When Joe Spammer uses his massive email too, he will have to respond to every captcha is returned, otherwise email will never arrive.
Now, how to deal with legal massive emails? Easy: whitelist.
If I want my CNN alerts to arrive, or my Google notification, or whatever, all I need to to is to whitelist this address by mailbox.
Hard to implement? Yes.
Hard to beat? A lot.
Am I crazy? May be.
In fact, what's to stop spammers from sending CAPTCHA "confirmation" images en masse with the simple idea of getting busy people to confirm their e-mail addresses by completing the CAPTCHA for e-mails they never sent?
Overall, I see this as an effective solution, but one that would likely kill legitimate newsletters and require too much effort on the part of Joe User to continue sending much e-mail. (Not that it would hurt any of us to give up e-mail and get out in the sun a little more.... :) )
If the client developer had decided to implement CAPTCHA support then the client could parse that and display etc.
The SMTP server could also email a CAPTCHA-Response-Required email in a standard format to the return address. A CAPTHA-enabled email client can happily auto-delete the message - general clients however would display it and the text would ask the user to click a link and pass CAPTCHA there.
Alternatively, emailing the CAPTCHA image as an attachment and then accepting the response via return email would allow those without a webbrowser to complete validation.
A link to an audio version should also be included for those who can't see the CAPTCHA properly.
'Then the user needs to decipher the captcha in a textbox, hit send, and it is send all the way back. Thus, confirming it is a human generated email, not automated.'
How does that confirm it's a originally a human email, it just confirms I think it is a human email?
Sorry think I'm missing something here?
It's a neat idea - but variations of 'confirm you're a human' have been used by email filtering systems since 1998.
They work, but they are cumbersome, and can put off some genuine mailers who feel insulted by being asked to get whitelisted.
The future is in filters, which really are amazingly effective and reliable these days.
I virtually never get 'white' mail blacklisted, and rarely get more than single figures of spam in my inbox - some is inevitable, as spammers change methods, and filtering systems can only learn by feedback.
- Blind people could not send emails any more.
- No more newsletters.
- You would also not be able to send carbon copies without problems. So if you want to send a birthday invitation to all your friends you would have to sit down and type in captchas for one hour.