Although this currently defeats the spam bots in some respects - isnt it
just a mater of time before the spammers figure out a way to verify a
signup via email using rotating disposable email addresses or whatever .
And if so , Would it not be a good idea to separate the url and signup
verification code in the welcome email *now* rather than doing a rewrite
later given that non geeks tend not to update any apps they install on
their webspace in case it stops working . 7 2878
> And if so , Would it not be a good idea to separate the url and signup verification code in the welcome email *now* rather than doing a rewrite later given that non geeks tend not to update any apps they install on their webspace in case it stops working .
Well you got my attention - but I don't follow - may have something to do
with the wine I have consumed...
could you expand on separating the url and signup verification code?
Thanks.
Michael
<comp.lang.ph p , Michael Phipps , gr************* *******@optusne t.com.au>
<42************ ***********@new s.optusnet.com. au>
<Tue, 26 Jul 2005 22:10:49 +1000> And if so , Would it not be a good idea to separate the url and signup verification code in the welcome email *now* rather than doing a rewrite later given that non geeks tend not to update any apps they install on their webspace in case it stops working .
Well you got my attention - but I don't follow - may have something to do with the wine I have consumed...
could you expand on separating the url and signup verification code?
Spammers register on phpbb forums etc but they dont verify the signup by
clicking on the verification link in the welcome email as the spammers
use a bogus email address and dont receive the welcome email . www.blah.com/?43543654365436 www.blah.com
43543654365436
If separated would this not make things a bit harder for the spammer
bots to verify the signup & then auto post spam to the forum .
As spamming methods evolve like everything else - isnt just a matter of
time the spammers figure out a way to receive the welcome email and
verify the signup .
> If separated would this not make things a bit harder for the spammer bots to verify the signup & then auto post spam to the forum .
As spamming methods evolve like everything else - isnt just a matter of time the spammers figure out a way to receive the welcome email and verify the signup .
OK- separating the url and code would be a slow down technique - but of
course, that's assuming the spammer uses an address that receives the email
(as you already pointed out)
By having a real mail box that the spam script uses to receive and validate
welcome emails, isn't the spammer easier to track down and shutdown? I
think those "type the letters in the above graphic" systems are a more
effective method to prevent automatic sign up, and they aren't too difficult
to implement.
Michael
<comp.lang.ph p , Michael Phipps , gr************* *******@optusne t.com.au>
<42************ ***********@new s.optusnet.com. au>
<Wed, 27 Jul 2005 08:33:53 +1000> OK- separating the url and code would be a slow down technique - but of course, that's assuming the spammer uses an address that receives the email (as you already pointed out)
By having a real mail box that the spam script uses to receive and validate welcome emails, isn't the spammer easier to track down and shutdown? I think those "type the letters in the above graphic" systems are a more effective method to prevent automatic sign up, and they aren't too difficult to implement.
Some servers dont have gd or imagemagic and cant use a image code .
Either way if there is a way to do it then rest assured the spammers
will find it or think of it .
On Tue, 26 Jul 2005 15:26:04 +0100, Peter Kerr
<we*******@spar esorrepair.co.u k.INVALID> wrote: Spammers register on phpbb forums etc but they dont verify the signup by clicking on the verification link in the welcome email as the spammers use a bogus email address and dont receive the welcome email .
True, some of the time. www.blah.com/?43543654365436
v.s. www.blah.com
435436543654 36
If separated would this not make things a bit harder for the spammer bots to verify the signup & then auto post spam to the forum .
For now. It could also make things unnecessarily harder for nubies to
register for - it's a trade-off, but it's worth considering in certain
circumstances. It's effectively the same as getting your credit card
and PIN on separate days in separate envelopes.
As spamming methods evolve like everything else - isnt just a matter of time the spammers figure out a way to receive the welcome email and verify the signup .
Yes and it's also just a matter of time until they use a throw-away
e-mail account to collect both e-mail's and combine them.
Everything evolves (trolls excluded ;-) - including crackers' attempts
at bypassing "security" measures, so deal with the real/current issues
now and re-visit your solution as "security" measures as
spammers'/crackers' responses to them evolve in parallel.
--
------------------------------------------------------------------
- Stuart Millington ALL HTML e-mail rejected -
- mailto:ph***@ds v1.co.uk http://w3.z-add.co.uk/ -
On Wed, 27 Jul 2005 08:33:53 +1000, "Michael Phipps"
<gr************ ********@optusn et.com.au> wrote: By having a real mail box that the spam script uses to receive and validate welcome emails, isn't the spammer easier to track down and shutdown? I
That depends on the logs of the "ISP" that provides the throw away, or
trojaned, accounts that they are using :-(
think those "type the letters in the above graphic" systems are a more effective method to prevent automatic sign up, and they aren't too difficult to implement.
But, they are not trivial to implement in a manner that allows
disabled access - a legal requirement in many countries.
--
------------------------------------------------------------------
- Stuart Millington ALL HTML e-mail rejected -
- mailto:ph***@ds v1.co.uk http://w3.z-add.co.uk/ -
<comp.lang.ph p , Stuart Millington , ne**@dsv1.co.uk>
<hi************ *************** *****@4ax.com>
<Wed, 27 Jul 2005 01:11:53 +0100> Everything evolves (trolls excluded ;-)
Then your obviously not very good at trolling & you should stick to what
you know . This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Nel |
last post by:
I have recently updated an on-line petition at www.fuelprotest.com
The confirmation email contained a verification link like
www.fuelprotest.com?cvote.php?uid=000&crc=8289fde1298721ac397392909edf2
(example link - this one won't work)
However some users had problems with the link working. The email was just
plain text using mail().
I have now changed it to MIME 1.0 and text/html. Would you please try
|
by: Roy |
last post by:
Maybe I am in the wrong place and doing this the wrong way... please
tell me if you think there is a better way.
I need to transfer some files from a server to the client workstation.
The transfer has to be initiated from a page served up by the web
server. This is easy enough to do with Java Script and Windows FSO
but I have to loosen up the browser security and my (military)
employer will not allow that. So, is there some way I can...
|
by: thomas |
last post by:
Anyone know how can I get a £ sign in the cell of a table that has been
output by an xsl page
I've tried
<td>£<xsl:apply-templates select="./price" /></td>
<td>£<xsl:apply-templates select="./price" /></td>
both of these give a ? sign instead of a £ sign and the following gives an
error
|
by: VB Programmer |
last post by:
I want to make an ecommerce/shopping cart ASP.NET page.
How do I do credit card verification, etc? Any online tutorials or
examples?
Thanks,
Robert
|
by: pwilliams |
last post by:
NCOALink Change of Address Verification
Each year over 40 million Americans change their mailing addresses.
This change is equivalent to every person in California deciding to
change addresses and not tell you that they have moved. This
uncertainty results in wasted spending on undeliverable address mail,
returned mail and processing fees related to direct mail campaigns.
NCOALink solves this problem for you.
NCOALink provides you...
| |
by: Ws |
last post by:
Hi all
I'm trying to write up a module that *safely* sets sys.stderr and
sys.stdout, and am currently having troubles with the function
verification. I need to assure that the function can indeed be called
as the Python manual specifies that sys.stdout and sys.stderr should be
defined (standard file-like objects, only requiring a function named
"write").
For an example output wrapper class, it could look something so simple
|
by: Kal |
last post by:
I have a small console app that started out in dotnet 1.1 in VS 2003. That
version can be copied to a W2K3 server where it runs fine.
I set up a new project in VS 2005 and copied the code files from 2003 to
2005 where they compile and run, no problem. When I copy the two files (exe
& dll) to the same W2K3 server they fail with the Strong Name Verification
Failed error. After running the console contains: "Unhandled Exception:...
|
by: KDawg44 |
last post by:
Hi,
I would like a verification image for new sign ups on a website. Is
there a way to call the PHP script through an AJAX call and have the
image passed back and then display? Is there a way to pass the image
serialized back to the browser and then displayed? (or something like
that?)
I know that I do not need to do it this way but I am wondering if its
possible.
|
by: sb5309 |
last post by:
When one uses CAPTCHA (form with verification code), a session is
required to keep the session data.
In examples that I have seen on the net, I did not see a session is
closed after use.
Imagine a case when someone gets to a form with CAPTCHA, a session
will be started in the server; and then the person decides to jump to
another site without filling the form. The session data still exists
in the server. If this scenario gets repeated...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |