[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: spam-proofing my mhonarc archive



What's the bigger annoyance, spam, typing a username or editing the email address? What is your favorate solution then? Did you get your cgi to work without sending the email address of the recipient? You should just send the message # and your cgi can pick the email address out of a table.

Mark Stosberg wrote:

Got something for javascript? How about:
Dodge TownWagon list archive (user name = dodge & pass word = townie)
Http://www.psmfc.org/~wade/dodge/list

I think you can also simplify the JavaScript out of the solution by
encoding the username and password into the name displayed in the
.htaccess pop-up window. This should also make it even easier for the
users to "guess" the password. Maybe something like this .htaccess file
example:

AuthUserFile /home/admin/.htpasswd
AuthType Basic
AuthName "Welcome! use username 'foo' and password 'bar' "
<Limit GET>
require valid-user
</Limit>

####

Perhaps it's even possible to for .htaccess to just require a username
without a password?

Still, this solution is not my favorite because it has the potential to
annoy or confuse users who don't understand about e-mail address
harvesting.

Mark

--
. . . . . . . . . . . . . . . . . . . . . . . . . . .
Mark Stosberg Principal Developer
mark@summersault.com Summersault, LLC
765-939-9301 ext 202 database driven websites
. . . . . http://www.summersault.com/ . . . . . . . .

---------------------------------------------------------------------
To sign-off this list, send email to majordomo@mhonarc.org with the
message text UNSUBSCRIBE MHONARC-USERS



---------------------------------------------------------------------
To sign-off this list, send email to majordomo@mhonarc.org with the
message text UNSUBSCRIBE MHONARC-USERS


[Index of Archives]     [Bugtraq]     [Yosemite News]     [Mhonarc Home]