"David T. Ashley" <[EMAIL PROTECTED]> writes: > That is not the end of the world. As Jason has pointed out in > documents, it is simple enough to extend TMDA to require a more > intelligent response (i.e. from a real human). > > The question is how to get the most immunity from any conceivable > autoresponder system while still making it easy for humans.
Yup. I probably get a spammer "confirming" their SPAM once every 6 weeks or so, and it's usually a broken auto-responder (responding to Reply-To) telling me the account is over its quota or something. > One possibility is to attach a graphics file containing a word which > must appear in the reply, perhaps with a background to confound any > image recognition programs. Another is to ask a question requiring > a specific response. This is vast overkill at this point. There isn't any evidence that something like this is even close to necessary. If you are that sensitive to the occasional SPAM, I'd suggest one of these two approaches. 1) Edit confirm_request.txt and remove the Reply-To line. Now there is no address anywhere that an auto-responder can use to release the message. This means legit senders will have to pick out the confirm address from the body of the message instead of just hitting "Reply", so it will be slightly more inconvenient for them, but still not bad. 2) When TMDA 0.66 is released in a few days, use the new web confirmation system, which allows you to imbed a URL in confirm_request.txt that when clicked on, will release the message. This is an alternative to the traditional e-mail confirmation method. _____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
