Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.
  • I've seen a system just like this before. I forget who was using it, but the automagic reply (with confirmation via email or the web) was quite obnoxious. Shunting unvalidated email into a holding tank has the advantage that you don't blindly send email to people or things that are trying to correspond with you (and repeat the problems we saw last week).

    The more I think about it, the more I'm warming up to some sort of bot managing my incoming email. (I remember one night pointing out the most obvious

  • Why are you ignoring SpamAssassin? It has auto-whitelists and auto-blacklists, and very smart people working on it *cough*.

    The problem with your scheme is you lose the spams sent through lists, like all the people attacking perlbug recently. SpamAssassin won't miss that.
  • Saw the following solution in a communications of the ACM a few years back. (Keep plugging SpamAssassin, Matt; I'm sure I'll try it before I try this.)

    You set up multiple valid email addresses of the form userid-\d\d\d\d\d\d@example.com . You can set up an alias for your friends, an alias for each mailing list your on, and so on. When you need to sign up for something and have a password mailed to you, you temporarily activate an alias. When one account gets discovered and you start getting hammered w

    --
    J. David works really hard, has a passion for writing good software, and knows many of the world's best Perl programmers
    • What happens if, say, one of your friends sends a message both to you and a mailing list that's archived on the web somewhere, causing a spamtrawler to pick up your "friends" address.

      Are you going to dump that address as well and replace it by one with a different number? Because that would entail informing all your friends to "please send to jxb-2001 instead of jxb-1701 from now on".

      Or if your mailing list address is compromised -- you'll have to keep track of which lists you were subscribed to *with tha
      --

      -- 
      Esli epei eto cumprenan, shris soa Sfaha.
      Aettot ibrec epesecoth, spakhea scrifeteis.

      • Are you going to dump that address as well and replace it by one with a different number? Because that would entail informing all your friends to "please send to jxb-2001 instead of jxb-1701 from now on".

        Yeah, that's the general idea. I didn't say it was the best of options, just an interesting one.

        --
        J. David works really hard, has a passion for writing good software, and knows many of the world's best Perl programmers
  • A fairly obvious disadvantage would be if someone sends you email who also has such an authentication scheme going on: your request that the sender authenticate himself first is going to bounce off his filter with a request that *you* authenticate yourself first, which results in your filter sending back an email... you get the point.

    How would you avoid that? You probably can't really. I think this sort of thing only works if you think you are (no offense intended now) so important that people will volunta
    --

    -- 
    Esli epei eto cumprenan, shris soa Sfaha.
    Aettot ibrec epesecoth, spakhea scrifeteis.