| Author |
 Topic  |
|
sacred
Junior Member
USA
153 Posts |
 Posted - 07 July 2003 : 07:59:47
|
My suggestion would also be put a limit on the number of emails a member can send a day when they are new, say like 5 emails. It is lifted after so many posts or until the member complains about hitting the restriction. I wouldn't tell the members publicly this is what you were doing. Just so the spammers wouldn't know.
On a side note it would be really easy to send spam emails through snitz with the inhouse message sender mod. Someone who has knowledge of programming could easily do it a couple of different ways that would take from a few seconds manually for each entry to running a batch program. Just depends on how willing the person is going to go to send spam. To detour the easiness it would be best if the ID was a session variable and not sent along the command line or through any form hidden field. Then they would have to click one by one to send an email.
Same goes with getting them from the database through HTML pages served, however, a little bit more difficult. They also can write a batch program to submit the pop_mail.asp form and simply increase an ID field with a counter then they can extract information from the html through a program analyze the data and grab the email addresses. Same as above be harder if it was stored via session variable and not on the command line or a hidden form field.
To me two things can help storing the ID as a session variable so it is not passed along the command line as well as a limit on how many times the pop_mail.asp is served up is the best thing to deter spammers.
Many blessings,
Sacred |
Edited by - sacred on 07 July 2003 08:40:53 |
 |
|
|
Etymon
Advanced Member
United States
2385 Posts |
Posted - 07 July 2003 : 08:28:56
|
quote:
Originally posted by borge
Thanks to Etymon for the idea with the new text in pop_mail.asp. It will be of some comfort, but it will not stop the spammers from doing what they do! I am stil hoping for someone to work on a MOD to help us get som kind of contoll with the e-mails sent from the forum.
A MOD is like birth control ... it doesn't work 100% of the time, and it is expensive to develop the best method available. 
I hope someone does help with your request for a MOD. It would be a nice feature to have.
Good luck,
Etymon
|
|
|
|
borge
Junior Member
Norway
185 Posts |
Posted - 08 July 2003 : 16:01:02
|
quote:
Originally posted by sacred
On a side note it would be really easy to send spam emails through snitz with the inhouse message sender mod. Someone who has knowledge of programming could easily do it a couple of different ways that would take from a few seconds manually for each entry to running a batch program. Just depends on how willing the person is going to go to send spam. To detour the easiness it would be best if the ID was a session variable and not sent along the command line or through any form hidden field. Then they would have to click one by one to send an email.
Same goes with getting them from the database through HTML pages served, however, a little bit more difficult. They also can write a batch program to submit the pop_mail.asp form and simply increase an ID field with a counter then they can extract information from the html through a program analyze the data and grab the email addresses. Same as above be harder if it was stored via session variable and not on the command line or a hidden form field.
To me two things can help storing the ID as a session variable so it is not passed along the command line as well as a limit on how many times the pop_mail.asp is served up is the best thing to deter spammers.
Are you saying here that it is actually quite easy to harvest the email addresses from a clean Snitz just by using a batch program, or is that forums using a specific MOD? |
borge |
|
|
|
spyordie007
Junior Member
USA
408 Posts |
Posted - 08 July 2003 : 16:35:17
|
quote:
Originally posted by borge
quote:
Originally posted by sacred
On a side note it would be really easy to send spam emails through snitz with the inhouse message sender mod. Someone who has knowledge of programming could easily do it a couple of different ways that would take from a few seconds manually for each entry to running a batch program. Just depends on how willing the person is going to go to send spam. To detour the easiness it would be best if the ID was a session variable and not sent along the command line or through any form hidden field. Then they would have to click one by one to send an email.
Same goes with getting them from the database through HTML pages served, however, a little bit more difficult. They also can write a batch program to submit the pop_mail.asp form and simply increase an ID field with a counter then they can extract information from the html through a program analyze the data and grab the email addresses. Same as above be harder if it was stored via session variable and not on the command line or a hidden form field.
To me two things can help storing the ID as a session variable so it is not passed along the command line as well as a limit on how many times the pop_mail.asp is served up is the best thing to deter spammers.
Are you saying here that it is actually quite easy to harvest the email addresses from a clean Snitz just by using a batch program, or is that forums using a specific MOD?
No, not harvest them but use the forum to send the messages via en batch. |
Power - The only narcotic controlled by the SEC, not the FDA.
Prosperity without pollution! The American Hydrogen Association - http://www.ahanw.org
Questions about Hydrogen? Post them on our forum - http://www.ahanw.org/forum |
|
|
|
volition
Starting Member
USA
49 Posts |
Posted - 04 August 2003 : 14:42:46
|
What about a mod working off current other mods as such:
I already have installed UserLevelMod (which puts anyone's first X posts into moderation) and UserProbationMod (which puts selected user's posts into moderation).
With these 2 already installed, it should be easy to then block all e-mails sent from anyone in moderation mode.
All new users will not be able to send e-mails until such time as they have posted a few times and anyone who sends rude e-mails can get put into Probation, which would force all their posts to be moderated AND stop them from sending e-mails.
____
Another idea would be to have all e-mails BCCed to admin. This would catch itiots quicker but could in invacive to your members. It depends on the forum if this is appropriate.
Another idea would be to have all e-mails BCCed to admin. This would catch idiots quicker but could in invasive to your members. It depends on the forum if this is appropriate. |
Volition® - The Net's Oldest Free-Stuff Site
Snitz Forum at http://forum.volition.com/ |
|
|
|
borge
Junior Member
Norway
185 Posts |
Posted - 05 August 2003 : 13:46:02
|
quote:
Originally posted by volition
With these 2 already installed, it should be easy to then block all e-mails sent from anyone in moderation mode.
This might be a good idea, what needs to be done to make it work that way? |
|
|
|
Topic |
|
Topic Locked
