473,698 Members | 2,972 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Verification sign up links

SOR
Although this currently defeats the spam bots in some respects - isnt it
just a mater of time before the spammers figure out a way to verify a
signup via email using rotating disposable email addresses or whatever .

And if so , Would it not be a good idea to separate the url and signup
verification code in the welcome email *now* rather than doing a rewrite
later given that non geeks tend not to update any apps they install on
their webspace in case it stops working .
Jul 25 '05 #1
7 2878
> And if so , Would it not be a good idea to separate the url and signup
verification code in the welcome email *now* rather than doing a rewrite
later given that non geeks tend not to update any apps they install on
their webspace in case it stops working .


Well you got my attention - but I don't follow - may have something to do
with the wine I have consumed...

could you expand on separating the url and signup verification code?

Thanks.

Michael
Jul 26 '05 #2
SOR
<comp.lang.ph p , Michael Phipps ,
gr************* *******@optusne t.com.au>
<42************ ***********@new s.optusnet.com. au>
<Tue, 26 Jul 2005 22:10:49 +1000>
And if so , Would it not be a good idea to separate the url and signup
verification code in the welcome email *now* rather than doing a rewrite
later given that non geeks tend not to update any apps they install on
their webspace in case it stops working .


Well you got my attention - but I don't follow - may have something to do
with the wine I have consumed...

could you expand on separating the url and signup verification code?


Spammers register on phpbb forums etc but they dont verify the signup by
clicking on the verification link in the welcome email as the spammers
use a bogus email address and dont receive the welcome email .

www.blah.com/?43543654365436

www.blah.com

43543654365436

If separated would this not make things a bit harder for the spammer
bots to verify the signup & then auto post spam to the forum .

As spamming methods evolve like everything else - isnt just a matter of
time the spammers figure out a way to receive the welcome email and
verify the signup .

Jul 26 '05 #3
> If separated would this not make things a bit harder for the spammer
bots to verify the signup & then auto post spam to the forum .

As spamming methods evolve like everything else - isnt just a matter of
time the spammers figure out a way to receive the welcome email and
verify the signup .


OK- separating the url and code would be a slow down technique - but of
course, that's assuming the spammer uses an address that receives the email
(as you already pointed out)

By having a real mail box that the spam script uses to receive and validate
welcome emails, isn't the spammer easier to track down and shutdown? I
think those "type the letters in the above graphic" systems are a more
effective method to prevent automatic sign up, and they aren't too difficult
to implement.

Michael
Jul 26 '05 #4
SOR
<comp.lang.ph p , Michael Phipps ,
gr************* *******@optusne t.com.au>
<42************ ***********@new s.optusnet.com. au>
<Wed, 27 Jul 2005 08:33:53 +1000>
OK- separating the url and code would be a slow down technique - but of
course, that's assuming the spammer uses an address that receives the email
(as you already pointed out)

By having a real mail box that the spam script uses to receive and validate
welcome emails, isn't the spammer easier to track down and shutdown? I
think those "type the letters in the above graphic" systems are a more
effective method to prevent automatic sign up, and they aren't too difficult
to implement.


Some servers dont have gd or imagemagic and cant use a image code .

Either way if there is a way to do it then rest assured the spammers
will find it or think of it .
Jul 26 '05 #5
On Tue, 26 Jul 2005 15:26:04 +0100, Peter Kerr
<we*******@spar esorrepair.co.u k.INVALID> wrote:
Spammers register on phpbb forums etc but they dont verify the signup by
clicking on the verification link in the welcome email as the spammers
use a bogus email address and dont receive the welcome email .
True, some of the time.
www.blah.com/?43543654365436
v.s.
www.blah.com 435436543654 36 If separated would this not make things a bit harder for the spammer
bots to verify the signup & then auto post spam to the forum .
For now. It could also make things unnecessarily harder for nubies to
register for - it's a trade-off, but it's worth considering in certain
circumstances. It's effectively the same as getting your credit card
and PIN on separate days in separate envelopes.
As spamming methods evolve like everything else - isnt just a matter of
time the spammers figure out a way to receive the welcome email and
verify the signup .


Yes and it's also just a matter of time until they use a throw-away
e-mail account to collect both e-mail's and combine them.

Everything evolves (trolls excluded ;-) - including crackers' attempts
at bypassing "security" measures, so deal with the real/current issues
now and re-visit your solution as "security" measures as
spammers'/crackers' responses to them evolve in parallel.

--
------------------------------------------------------------------
- Stuart Millington ALL HTML e-mail rejected -
- mailto:ph***@ds v1.co.uk http://w3.z-add.co.uk/ -
Jul 27 '05 #6
On Wed, 27 Jul 2005 08:33:53 +1000, "Michael Phipps"
<gr************ ********@optusn et.com.au> wrote:
By having a real mail box that the spam script uses to receive and validate
welcome emails, isn't the spammer easier to track down and shutdown? I
That depends on the logs of the "ISP" that provides the throw away, or
trojaned, accounts that they are using :-(
think those "type the letters in the above graphic" systems are a more
effective method to prevent automatic sign up, and they aren't too difficult
to implement.


But, they are not trivial to implement in a manner that allows
disabled access - a legal requirement in many countries.

--
------------------------------------------------------------------
- Stuart Millington ALL HTML e-mail rejected -
- mailto:ph***@ds v1.co.uk http://w3.z-add.co.uk/ -
Jul 27 '05 #7
SOR
<comp.lang.ph p , Stuart Millington , ne**@dsv1.co.uk>
<hi************ *************** *****@4ax.com>
<Wed, 27 Jul 2005 01:11:53 +0100>
Everything evolves (trolls excluded ;-)


Then your obviously not very good at trolling & you should stick to what
you know .
Jul 27 '05 #8

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

6
2598
by: Nel | last post by:
I have recently updated an on-line petition at www.fuelprotest.com The confirmation email contained a verification link like www.fuelprotest.com?cvote.php?uid=000&crc=8289fde1298721ac397392909edf2 (example link - this one won't work) However some users had problems with the link working. The email was just plain text using mail(). I have now changed it to MIME 1.0 and text/html. Would you please try
4
1544
by: Roy | last post by:
Maybe I am in the wrong place and doing this the wrong way... please tell me if you think there is a better way. I need to transfer some files from a server to the client workstation. The transfer has to be initiated from a page served up by the web server. This is easy enough to do with Java Script and Windows FSO but I have to loosen up the browser security and my (military) employer will not allow that. So, is there some way I can...
4
1834
by: thomas | last post by:
Anyone know how can I get a £ sign in the cell of a table that has been output by an xsl page I've tried <td>&#x00A3;<xsl:apply-templates select="./price" /></td> <td>£<xsl:apply-templates select="./price" /></td> both of these give a ? sign instead of a £ sign and the following gives an error
1
1480
by: VB Programmer | last post by:
I want to make an ecommerce/shopping cart ASP.NET page. How do I do credit card verification, etc? Any online tutorials or examples? Thanks, Robert
0
2186
by: pwilliams | last post by:
NCOALink Change of Address Verification Each year over 40 million Americans change their mailing addresses. This change is equivalent to every person in California deciding to change addresses and not tell you that they have moved. This uncertainty results in wasted spending on undeliverable address mail, returned mail and processing fees related to direct mail campaigns. NCOALink solves this problem for you. NCOALink provides you...
2
1711
by: Ws | last post by:
Hi all I'm trying to write up a module that *safely* sets sys.stderr and sys.stdout, and am currently having troubles with the function verification. I need to assure that the function can indeed be called as the Python manual specifies that sys.stdout and sys.stderr should be defined (standard file-like objects, only requiring a function named "write"). For an example output wrapper class, it could look something so simple
13
5489
by: Kal | last post by:
I have a small console app that started out in dotnet 1.1 in VS 2003. That version can be copied to a W2K3 server where it runs fine. I set up a new project in VS 2005 and copied the code files from 2003 to 2005 where they compile and run, no problem. When I copy the two files (exe & dll) to the same W2K3 server they fail with the Strong Name Verification Failed error. After running the console contains: "Unhandled Exception:...
3
2083
by: KDawg44 | last post by:
Hi, I would like a verification image for new sign ups on a website. Is there a way to call the PHP script through an AJAX call and have the image passed back and then display? Is there a way to pass the image serialized back to the browser and then displayed? (or something like that?) I know that I do not need to do it this way but I am wondering if its possible.
15
4799
by: sb5309 | last post by:
When one uses CAPTCHA (form with verification code), a session is required to keep the session data. In examples that I have seen on the net, I did not see a session is closed after use. Imagine a case when someone gets to a form with CAPTCHA, a session will be started in the server; and then the person decides to jump to another site without filling the form. The session data still exists in the server. If this scenario gets repeated...
0
8683
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
0
9170
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
0
9031
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
1
8904
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
0
8876
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
0
7741
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
0
5867
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
2
2341
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
3
2007
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.