Home > Archive > PHP Documentation > March 2006 > Re: [PHP-DOC] Re: [PHP-NOTES] Note spam
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Re: [PHP-DOC] Re: [PHP-NOTES] Note spam
|
|
| Friedhelm Betz 2006-03-23, 6:59 pm |
| Sean Coates wrote:
> [resend: not sure why this didn't make it through, yesterday;
> re-sending; sorry if it's a dupe -S]
>
> Nuno Lopes wrote:
>
> Did we drop the double opt-in idea?
>
> - User submits a note (with valid email address)
> - We send mail with a token URL
> - User clicks URL
> - Note is approved and posted
Do we need to approve? I guess we have not enough "man-power" for that.
Simply post the note after we receive the token.
> Max 5 notes per address per day. Or x notes per domain/IP per day..
x notes per domain/IP per day will for sure not work. Think of people
behind proxies....
We should not limit the notes per day. To much to track, imho, no?
> Yes, the evil side COULD be automated, but it's a lot more difficult
> than a simple post.
I like this proposal, but Nuno's point stands: who's gonna implement that?
Friedhelm
| |
| Sean Coates 2006-03-23, 6:59 pm |
| > Do we need to approve? I guess we have not enough "man-power" for that.
> Simply post the note after we receive the token.
That's what I meant. Note is approved when the token URL is clicked.
>
> x notes per domain/IP per day will for sure not work. Think of people
> behind proxies....
>
> We should not limit the notes per day. To much to track, imho, no?
I suspect that these spammers would just register example.com and create
php0000001@example.com php00000002@example.com etc.
>
> I like this proposal, but Nuno's point stands: who's gonna implement that?
Not sure. (-:
I'd love to find time to do it, but I don't have it right now.
Either way, notes are a mess.
S
| |
| Friedhelm Betz 2006-03-23, 6:59 pm |
| Sean Coates wrote:
>
> That's what I meant. Note is approved when the token URL is clicked.
Ah, sorry, my misunderestimating or something this way ;-)
>
> I suspect that these spammers would just register example.com and create
> php0000001@example.com php00000002@example.com etc.
Yes, possible, but we can see and implement upperbound limit later ;-)
>
>
> Not sure. (-:
> I'd love to find time to do it, but I don't have it right now.
>
> Either way, notes are a mess.
Yes.
Friedhelm
| |
| Nuno Lopes 2006-03-24, 7:01 pm |
| >> Max 5 notes per address per day. Or x notes per domain/IP per day..
>
> x notes per domain/IP per day will for sure not work. Think of people
> behind proxies....
it already limits the number of notes per IP :)
last time I checked they were using zombie pcs, so they connected with a
different IP each time.
The CAPTCHA protection of bugs.php.net has also been broken by some bots, so
its not an option either..
Nuno
|
|
|
|
|