Captchas

From ASRG
Revision as of 09:11, 15 June 2009 by Johnl (talk | contribs)
Jump to navigationJump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
Anti-spam technique: Captchas
Date of first use: ca. 2001
Effectiveness: Medium
Popularity: Medium
Difficulty of implementation: Medium
Where implemented: MTA or MUA
Harm: High

Captchas (from "Completely Automated Public Turing test to tell Computers and Humans Apart") is version of mail challenges, adapted from a method originally designed to protect web forms from being completed by robots.

When using to protect a mailbox, a confirmation message is sent to the sender when he writes to the protected mailbox for the first time, indicating a web page where he will be asked to enter a textual code hidden in an image. If the correct answer is given, the sender is added to a whitelist so subsequent messages will be accepted without any further action.

Although some defenders of this method claim it provides "100 % spam stopped without loss of messages", in practice this method has many drawbacks including:

  • All of the general problems with Challenges
  • Not user friendly with people with physical deficiencies - blind people may not be able to correctly decode captchas (see American Council of the Blind

References