OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Thomas -Balu- Walter (list+postfix-users_at_b-a-l-u.de)
Date: Mon Sep 02 2002 - 03:15:35 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    On Sun, Sep 01, 2002 at 10:44:30PM -0700, Friedrisch Muller wrote:
    > Sorry, I may now get a bit off-topic now... but you
    > guys seem to be the right persons to ask about this...
    > :)

    I've marked the thread OT, but I think you are right ;)

    > What do you think about technics to avoid getting into
    > the spammers lists?
    >
    > Is it worth trying to hide your e-mail-address on
    > webbpages like
    >
    > friedrisch at yahoo dot com
    > friedrisch yahoo.com

    I guess the spambots will get intelligent enough to figure that out soo.

    > friedrisch<x>yahoo.com

    Do you only want to display the address or do you want to make it
    clickable using mailto: links? First helps, but second is more "user
    friendly".

    Some nice techniques can be found on
    http://www.neilgunton.com/spambot_trap/

    One idea I am using is listed there too below "Some other interesting
    ideas:"

    ----- snip -----
    While working on my new hompepage I found myself asking me how to defend
    against those bots. I didn't want to break my eMail-address or to hide
    it using javascript or images - especially because my visitors should be
    able to use mailto: links as expected.

    My provider set up a "catchall" mailbox where all mails are stored that
    are sent to my domain example.com. Since I am developing my pages using
    PHP I thought of a way to make them unique for each visitor. The result
    was the following small function:

    function generateMail(){
        global $HTTP_SERVER_VARS;

        // is a proxy in use?
        if ($HTTP_SERVER_VARS["HTTP_X_FORWARDED_FOR"]) {
            $ip = $HTTP_SERVER_VARS["HTTP_X_FORWARDED_FOR"];
        } else {
            $ip = $HTTP_SERVER_VARS["REMOTE_ADDR"];
        }

        return "web-".sprintf("%u", ip2long($ip)).".".time()."example.com";
    }

    This generates an address in the form

       web-32bitIP.timestampexample.com

    This way I can easily reject addresses that were found by bots and are
    used for SPAMming. I even know where the bot came from and when. I can
    even find them in the webserver-logfiles and analyze their activity.
    ----- -----

         Balu
    -
    To unsubscribe, send mail to majordomopostfix.org with content
    (not subject): unsubscribe postfix-users