Challenge Response is a DDoS tool. (Score 1)

Challenge/Response is a DDoS tool hidden in an anti-spam system. Consider this scenario: mallory@spamcompany.com sends out a million spams in which he puts alice@wonderland.com in the "From" field. Those running a challenge/Response tool automatically send out a challenge to alice@wonderland.com on receipt of this spam. If there were 10,000 people running a challenge/response tool, Alice will receive 10,000 challenges! If all of these had 10k+ graphics in them (as they usually do), Alice would receive 100Mb of mail in a matter of few minutes. This might disrupt Alice's mail servers, cause her to lose legitimate mail, waste several hours of her time, and quite likely force Alice (or her mail administrator) to drop all future challenges generated by Challenge/Response softwares involved in the incident; even those sent on receipt of emails that were written by Alice. (See my complete response to PC Magazine reviewers on whitelisting and Challenge/Response here)