[Mailman-Developers] "Turing test" to reject email harvesting bots
darsie at gmx.at
Sun Nov 16 09:39:22 EST 2003
I wrote a "turing test" that keeps e.g. email harvesting bots off:
Since it is trivial to collect "high quality" email addresses
form mailman lists even if they are only available to the members
I'd like such a turing test be in mailman. Either before the
"view subscribers" page or as part of the subscription process.
yields 24000 hits.
yields 40000 hits.
The text image generation is a little CPU intensive (2 s on a
1800 MHz P4) so some measures may be desirable to prevent DoS
attacks by flood requests of the images. E.g. Put the test after
receival of the subscription email cookie was returned.
This test may disable users of non graphical web browers or email
only subscribers to subscribe.
Webspace; Low end Serverhousing ab 15 e, etc.: http://www.bksys.at
Linux Admin/Programmierer: http://bksys.at/bernhard/services.html
More information about the Mailman-Developers