h a l f b a k e r yLoading tagline ....
add, search, annotate, link, view, overview, recent, by name, random
news, help, about, links, report a problem
browse anonymously,
or get an account
and write.
register,
|
|
|
What if email addresses could be protected by an optional "access word"? Any email which did not specify the access word would bounce back to sender unseen. The configurable bounce message could contain the access word in a form understandable by a human but not a bot. Bulk mailers could then resort
to incorporating access words into their spams, but a user could change his access word at any time without worrying about blocking legitimate senders.
Can this idea be defeated by spammers?
(??) TMDA - Tagged Mail Delivery Agent
http://software.libertine.org/tmda/ Baked to a crisp, with many nifty features. [cp, May 28 2002]
[link]
|
|
baked.. use an inbox rules wizard or similar to delete any mails without a certain word in, eg, the subject line. |
|
|
Any idea can be defeated by spammers, if it's worth their time. |
|
|
Not too helpful I wouldn't think. There are certain instances when I accept unsolicited mail that is not spam - this would stop it. It would also require the rewriting of many a newsletter generation component of web apps.
Let hotmail take the strain of spam, and ditch an address if it gets too much rubbish traffic. |
|
|
mcscotland, yamahito, have you read the full idea? The notion is not to completely block everything without the "password", but to reveal the password to a human reader in the bounce message. As long as your unsolicited senders are human and willing to play along, they can still get through. |
|
|
Problems: the extra step might hurt people who can cope with it least; this doesn't scale to mailing lists; some systems block bounce messages (with empty MAIL FROM:<> address), ironically, as a measure against spam. |
|
|
If that accessword was a misspelled word, would security be enhanced? |
|
|
"Deer" RayfordSteele:
I am emailing you to let you no, that I changed my access word from 'deer' to something else, since spammers have already caught on to my access word. I'm now using the accessword "Dr.". |
|
|
[jutta] there are still certain times when I receive auto-generated email (newsletters, auto-confirmations etc.) as well as mailing list postings that aren't directly from a human sender. I can't see how much extra anti-spam benefit I'd get from this, since I'd have to make both email address and password effectively public to receive such mails - how hard would it be for spammers to gather both? Fair enough, a little more effort is required, and I'm all for anything that makes spamming harder, I just can't see that this would really be that difficult to get round (maybe I'm missing something, I don't know). |
|
|
Aside: Once upon a time and with an occasional reminder - I've "instructed" the Security Guards at Paramount Studios to not let certain "Stars" off the lot unless they say "I've got a load in my pants". |
|
|
You write me without the access word, and get my bounce message. "To access my email account, use the word in the image attached in the subject line of your message." The bounce message contains an attachment - a .gif image of the word. Your human eyes read it, and you re-write me and get through. |
|
|
These things can always be defeated by spammers, instructions in english can be parsed, bitmaps can be OCRed. This just adds a layer of complexity that helps those of of us not bulk emailing nonsense. |
|
|
st3f, the key would be to use techniques that defeat OCR technology; for instance, using some sort of optical illusion technique that uses the mindseye to fill in the missing parts. |
|
|
Perhaps apply a few WordArt manips to the picture. 'Nother technique would be to return a text message with the instructions placed, maybe with slight mispellings of key words, amongst a bunch of garbage text. Human readers would be able to pick out the instructions, and human spammers are still a problem, but most automated systems would be stymied. |
|
|
Optical Illusion whatchamacallits need to be for the colo(u)rblind |
|
|
Yahoo does something like this (imbedded 'dirty' graphic) to prevent the automated creation of user accounts. You can try it, if you like. |
|
|
[moderator note: I fixed the mis-spelling in the title, in the assumption that it was unintentional. If it was intentional, I'll change it back.] |
|
| |