|
|
Posted by Stuart Millington on 10/19/13 11:22
On Tue, 26 Jul 2005 15:26:04 +0100, Peter Kerr
<webmaster@sparesorrepair.co.uk.INVALID> wrote:
>Spammers register on phpbb forums etc but they dont verify the signup by
>clicking on the verification link in the welcome email as the spammers
>use a bogus email address and dont receive the welcome email .
True, some of the time.
>www.blah.com/?43543654365436
v.s.
>www.blah.com
>43543654365436
>If separated would this not make things a bit harder for the spammer
>bots to verify the signup & then auto post spam to the forum .
For now. It could also make things unnecessarily harder for nubies to
register for - it's a trade-off, but it's worth considering in certain
circumstances. It's effectively the same as getting your credit card
and PIN on separate days in separate envelopes.
>As spamming methods evolve like everything else - isnt just a matter of
>time the spammers figure out a way to receive the welcome email and
>verify the signup .
Yes and it's also just a matter of time until they use a throw-away
e-mail account to collect both e-mail's and combine them.
Everything evolves (trolls excluded ;-) - including crackers' attempts
at bypassing "security" measures, so deal with the real/current issues
now and re-visit your solution as "security" measures as
spammers'/crackers' responses to them evolve in parallel.
--
------------------------------------------------------------------
- Stuart Millington ALL HTML e-mail rejected -
- mailto:phupp@dsv1.co.uk http://w3.z-add.co.uk/ -
Navigation:
[Reply to this message]
|