|Keep It Simple, Stupid|
Iím planning on implementing a pessimistic spam filter for an e-mail address under my control.
The filter would kill any mail not bearing a valid token id.
Tokens, in this case, are nothing more than DB entries with a counter that decrements upon each usage.
If required, I might add in other criteria such as time and sending address.
Iím planning on offering Ďsingle useí tokens on my web page as a possible alternative to giving away my e-mail address. The act of getting a token and the required e-mail address should be painless for a human user but beyond the capabilities of your normal e-mail collection bot. (eg. Requires a post operation etc.)
This way I should hopefully get the best of both worlds.
To those I know, thereís the following options:
- I can give an Ďunlimited useí token for those whom I trust but just wish to annoy. ;)
- I can give a Ďlimited useí token for those I must survive multiple correspondences with but absolutely no more than necessary.
- I can add somebodyís pertinent details to the filter and forgo the need for a token at all.
To those I donít know, I give the opportunity to contact me via e-mail without the significant possibility of catching the ever popular spam epidemic.
Okay I can dig up as many Mail handling modules as the next guy so my question isnít related to code specific things.
Itís more of a sounding board type of thingie.
Does anybody know of a similar system already in place?
Are there any subtle security issues here that Iím likely to find out the hard way?
Spam collection bots may be relatively easy to outsmart but crackers and the like are not. Any tips here for a person familiar with the CGI coding do/ntís but not the e-mail ones? (eg. Overflows in the token generation page etc.)
Thank you for your hair loss time.