[Asrg] Web forms
gep2@terabites.com Tue, 15 July 2003 05:04 UTC
Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id BAA03537 for <asrg-archive@odin.ietf.org>; Tue, 15 Jul 2003 01:04:30 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19cHyt-00083w-MH for asrg-archive@odin.ietf.org; Tue, 15 Jul 2003 01:04:03 -0400
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id h6F543J6030986 for asrg-archive@odin.ietf.org; Tue, 15 Jul 2003 01:04:03 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19cHyt-00083h-J0 for asrg-web-archive@optimus.ietf.org; Tue, 15 Jul 2003 01:04:03 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id BAA03497; Tue, 15 Jul 2003 01:03:59 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19cHyq-0001dI-00; Tue, 15 Jul 2003 01:04:00 -0400
Received: from ietf.org ([132.151.1.19] helo=optimus.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19cHyq-0001dF-00; Tue, 15 Jul 2003 01:04:00 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19cHyq-00081o-RH; Tue, 15 Jul 2003 01:04:00 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19cHyF-0007yi-5k for asrg@optimus.ietf.org; Tue, 15 Jul 2003 01:03:23 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id BAA03433 for <asrg@ietf.org>; Tue, 15 Jul 2003 01:03:19 -0400 (EDT)
From: gep2@terabites.com
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19cHyC-0001cK-00 for asrg@ietf.org; Tue, 15 Jul 2003 01:03:20 -0400
Received: from h001.c000.snv.cp.net ([209.228.32.65] helo=c000.snv.cp.net) by ietf-mx with smtp (Exim 4.12) id 19cHyB-0001cG-00 for asrg@ietf.org; Tue, 15 Jul 2003 01:03:19 -0400
Received: (cpmta 11581 invoked from network); 14 Jul 2003 22:03:19 -0700
Received: from 12.239.18.238 (HELO WinProxy.anywhere) by smtp.terabites.com (209.228.32.65) with SMTP; 14 Jul 2003 22:03:19 -0700
X-Sent: 15 Jul 2003 05:03:19 GMT
Received: from 192.168.0.30 by 192.168.0.1 (WinProxy); Tue, 15 Jul 2003 00:03:17 -0600
Received: from 192.168.0.240 (unverified [192.168.0.240]) by nts1.terabites.com (EMWAC SMTPRS 0.83) with SMTP id <B0000024655@nts1.terabites.com>; Tue, 15 Jul 2003 00:32:50 -0500
Message-ID: <B0000024655@nts1.terabites.com>
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
To: asrg@ietf.org
X-Mailer: SPRY Mail Version: 04.00.06.17
Content-Transfer-Encoding: 7bit
Subject: [Asrg] Web forms
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Tue, 15 Jul 2003 00:32:50 -0500
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: 7bit
> Most contact webforms in reality send email to one or more persons at the company anyway. The question is that companies do not want to provide their email addresses on website (harvesting and other reasons) and trust what has come from their website rather from direct email. > So the problem is in trying to extend trust that vendor see from their webform to email sender. One such mechanism is to have vendors display to the users on website email addresses such as "sales-xxxxx@domain.com" where xxxxxx corresponds to sessionid of the visitor to their website and exist for certain small period of time. Because session ids can be unique and with 8 hex characters there can be more then enough of them to not be repeated for a long time while the actual email (for example "sales-18f83a73@elan.net") is not too long to not allow user to write it down or copy it over to the mail client software. Relaying on session ids will also allow to trace those who harvest and immediatly send spam as you can then look at the logs and see what ip address was responsible. You know, two can play at that game... how do you think those arrogant companies would like it if the customer wouldn't give them an E-mail address or telephone number either, but instead gave them a URL of our personal homepage webform and forced THEM to reply to US that way, too? Turnabout, after all, IS fair play... Ultimately, what's more important is to control spamming REGARDLESS of where they got the E-mail address from. Gordon Peterson http://personal.terabites.com/ 1977-2002 Twenty-fifth anniversary year of Local Area Networking! Support the Anti-SPAM Amendment! Join at http://www.cauce.org/ 12/19/98: Partisan Republicans scornfully ignore the voters they "represent". 12/09/00: the date the Republican Party took down democracy in America. _______________________________________________ Asrg mailing list Asrg@ietf.org https://www1.ietf.org/mailman/listinfo/asrg
- [Asrg] Web forms gep2
- [Asrg] Web forms gep2