Earthlink is preparing to roll out a new spam blocking service that requires mail senders to verify their identity for mail to be delivered.
Known as "challenge-response" technology, the system thwarts the ability of spammers to reach their intended audience with millions of automatically generated e-mails. When someone sends an e-mail to a challenge-response user, he or she gets an e-mail back asking to verify that the sender is a live person.
Once the sender does that by replicating a word or picture displayed on the screen, the original e-mail is allowed through. The system automatically recognizes future e-mails from the same sender, so the verification needs only to be performed once. Without the verification, the e-mail is not delivered.
The WaPo article lists some concerns about this technology that I hadn't thought of:
"Challenge-response will indeed block the vast majority of spam," said John R. Levine, a computer consultant and co-author of "The Internet for Dummies." But he said a lot of people will never respond to a challenge, or will think the challenge e-mail itself is spam.
Levine said that already, spammers are disguising e-mails as challenges to get people to open the messages. And he worries that if large numbers of people begin to use the system, user address books will be a target of hackers seeking to obtain lists of approved addresses.
Some viruses launch attacks using computer address books, and if that happened, confidence in the challenge-response system would erode, Levine said.
"The consequences of spammers' response to challenge-response will be really ugly," Levine said.