[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Hardening lists against spam attacks
Bill Frantz wrote:
>
> (3) In order to limit the number of posting tokens, the list server will
> only issue a few per day. The lucky few who get them, everyone who asks
> under normal circumstances, may be determined by an algorithm designed to
> limit token collection by future attackers. (This area is where this
> proposal needs work!)
>
Send a number of unique tokens to each subscriber each day. Enforce a
rule that only posts with valid current tokens may be accepted. The
number of tokens should initially be very small (say, one per day) and
then should be quickly increased to a sufficient number, like 10 or 20,
as the subscriber shows a record of using tokens properly (as defined by
acceptable content rules).
A database is kept as to who was issued which tokens.
If tokens are used improperly (to post off-topic materials) the
offending subscriber is denied any further tokens.
The problem of this scheme is (besides its cost) that anonymous users
will not be truly anonymous.
- Igor.