On Thursday, May 1, 2003, at 07:48 PM, Tom Neff wrote:
>> and those need to be protected by a challenge/response system.
>
> All of them?
all of them. IMHO, of course.
> For example - a properly written challenge/response system should
> contain a
> postmaster email address to be contacted in case the correspondent has
> trouble navigating the challenge response.
fine, but don't make it a standard role account, so it won't get
dictionary attacked, if you must. if ti gets spam-blasted, it stops
being useful because sites stop watching it anyway...
> I think it might actually violate an RFC to wall off 'postmaster' and a
> couple of others, come to think of it.
>
Nope. has to exist. Deosn't say it can't have a challenge/response to
it.
> Also, from a business standpoint, if you have a customer complaint
> address
> and you encase it in a "how many GIF swirlies am I holding up"
> hoop-jump, you
> could be liable under various consumer protection statutes.
if there's so much spam you don't bother reading the address or disable
it instead, what's the lesser evil here?
Follow-Ups:
References:
|
|