Spamproofing the Archives

From: Steve Jones <classiccmp_at_crash.com>
Date: Sat Dec 7 14:22:01 2002

> That's the point that spammers would attack, if they could be
> bothered to try.

I'm sortof wondering what archive sites like the Wayback Machine
are doing to prevent address harvesting, if anything. Seems like
exactly the sort of thing that would be worth some effort prying
open...

> Make damn sure that whatever CGI script you use defends against
> any characters in the email form being interpreted as any sort
> of metacharacters.

Can't stress this point enough. Limiting length is good too, look
to RFCs for figures.

I'd also submit any message via a TCP connection rather than
invoking anything from the script, e.g. `sendmail -bs`. I can
give you a simple example using Perl if you need it.

Hmm, do I have any links/guides for safe web form handling... ?

--S.
Received on Sat Dec 07 2002 - 14:22:01 GMT