Yes, that's called a timeout. And Piers Cawley had it right when he said
Even if you miss the timeout 9 times out of 10, there's always another punter.
There's no way for you to know, serverside, whether the access is by a spammer or by a real user, so as long as the spammer gets an answer to his captcha fast enough he can spam your blog with impunity.
On Mar 12, 2006, at 9:22 PM, Daejuan Jacobs wrote:
I see what you're saying, but if my server deletes the session after you access the page to get the image (or timeout), than what you're tying to server me is invalid. On 3/12/06, Kevin Ballard <[EMAIL PROTECTED]> wrote:Uhh, what? The spammer serves back the result in the same session they got the captcha in the first place. This is an automated process so it has the potential to be fast enough.
-- Kevin Ballard [EMAIL PROTECTED] http://kevin.sb.org http://www.tildesoft.com
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Typo-list mailing list Typo-list@rubyforge.org http://rubyforge.org/mailman/listinfo/typo-list
