[Mailman-Developers] "Turing test" to reject email harvesting bots

Bernhard Kuemel darsie at gmx.at
Sun Nov 16 09:39:22 EST 2003

Hi mailman-users!

I wrote a "turing test" that keeps e.g. email harvesting bots off:

source: http://bksys.at/bernhard/img/turing.txt

Since it is trivial to collect "high quality" email addresses 
form mailman lists even if they are only available to the members 
I'd like such a turing test be in mailman. Either before the 
"view subscribers" page or as part of the subscription process.

yields 24000 hits.
yields 40000 hits.

The text image generation is a little CPU intensive (2 s on a 
1800 MHz P4) so some measures may be desirable to prevent DoS 
attacks by flood requests of the images. E.g. Put the test after 
receival of the subscription email cookie was returned.

This test may disable users of non graphical web browers or email 
only subscribers to subscribe.


Webspace; Low end Serverhousing ab 15 e, etc.: http://www.bksys.at
Linux Admin/Programmierer: http://bksys.at/bernhard/services.html

More information about the Mailman-Developers mailing list