On Wed, 8 Oct 2008 07:21:22 -0400 Rich Kulawiec <rsk@gsp.org> wrote:
This doesn't look to me like phishing (although I can see the similarities); it looks like yet another severely clueless site engaged in challenge-response spamming. (C-R has long since been not only completely discredited as an anti-spam tactic, but has been recognized as a spam vector. Hosts emitting it are subject to blacklisting, in the same way and for much the same reason that hosts emitting backscatter/outscatter are.)
C-R *is* spam. Interestingly, proponents use the same argument for it that spammers do. It works for them. Spammers feel that .0001% response is reason enough to load the rest of us with with work for no pay. Proponents of C-R feel that reducing their spam load justifies having the rest of us work as their spam filter for free. It's the "I got mine, Jack" mentality which is sadly way too ubiquitous. Personally I think that the answer to this problem is to simply reply automatically to these challenges positively no matter what. Puts the job of filtering spam back on the first person. -- D'Arcy J.M. Cain <darcy@druid.net> | Democracy is three wolves http://www.druid.net/darcy/ | and a sheep voting on +1 416 425 1212 (DoD#0082) (eNTP) | what's for dinner.