David W. Tamkin wrote:
> When Alvin Oga wrote,
>
>> - a good list manager sw will be able to defeat this
>> faked autoconfirmation from a supposed human confirmation
>
> Jim Galvin asked,
>
> | Would you please describe how one could detect that a message came from
> | a human and not an autoresponder?
>
> Perhaps to confirm one would have to follow some instructions other than just
> replying. (Such a requirement would lock out attempted subscriptions by
> humans who won't read instructions, but that might be a good thing.) For
> example, autoresponders are likely to quote back (a) none of the received
> text, (b) all of the received text, or (c) a certain amount from the top of
> the received text. So if the applicant is sent two confirmation codes and in
> order to confirm has to return only the lower one without the upper one, a bot
> is likely to fail. Or if the confirmation code needs to be edited slightly --
> say it is twelve characters long, and it has to be sent back with the first
> five characters moved to the end -- a bot is likely to fail.
>
> And of course, so are 98% of human applicants.
Which makes it very odd that you would consider this "good list
management software". If list management software could distinguish
between a reply-bot and a human, for it to be considered "good" it would
have to do it in a way that doesn't foil the normal human subscription
confirmation process. IMHO, such a software product doesn't exist,
because there is no way (via text email) to make the process both easy
for the human and difficult for a reply-bot. That is why many large
free sites are using "type in the word you see in the graphic below" to
thwart subscribe-bots, but this technique doesn't work in a plain-text
email world.
Will this be the end for "plain text email for those with no web access"
mailing lists?
jc
Follow-Ups:
References:
|
|
