In this reply, the purported sender is asked to perform some action to assure delivery of the original message, which would otherwise not be delivered.
Two characteristics that differ between legitimate senders and spammers are exploited to achieve this goal: Listed below are examples of challenges that are or could be used to exploit these differences: Nowadays C/R systems are not used widely enough to make spammers bother to (automatically) respond to challenges.
Therefore, C/R systems generally just rely on a simple challenge that would be made more complicated if spammers ever build such automated responders.
This would create e-mail backscatter, which would effectively shift the burden from the person who would have received the spam to the person whose address was forged and which may be treated the same as any other Unsolicited Bulk Email (UBE) by the receiving system, possibly leading to blacklisting of the mail server or even listing on a DNSBL.
Some C/R critics consider it rude to give people your email address, then require them (unless previously whitelisted, which might not always be possible) to answer the challenge before they can send you mail.
[3] Advocates of C/R systems argue that the benefits by far outweigh the 'burden' of an incidental challenge, and that there will probably never be a final solution against spam without laying some kind of burden on the e-mail sender.
[citation needed] This issue is particularly notable with newsletters, transactional messages, and other solicited bulk email, as such senders do not usually check for challenges to their mail.