[clug-talk] anti email harvesting (was Website Changes)
jmajor at clug.ca
Fri Nov 19 11:15:24 PST 2004
-----BEGIN PGP SIGNED MESSAGE-----
On Friday 19 November 2004 4:31 am, Niels Voll wrote:
> As a user I have always disliked the form submission quite a bit,
> because it does not leave me with a record of my submission in my mail
> client's "Sent" folder; So when given the choice I avoid those forms.
I'm sorry that you are biased against this type of submission. Ultimately, you
use whatever method you are comfortable with. The form was created this way
to prevent more SPAM from coming our way. Nick provided an excellent
technique of dealing with this and I may change the form to give the user of
mailing themselves a copy of the message.
> In addition, I have lost some messages, due to accidentally closing the
> browser window or tab before having sent the message. This happens once
> in a while when one is multi-tasking or interrupted while composing a
> message. My email client tends to be much more forgiving that way - it
> asks, if I want to save the draft message before it quits the
> application. So personally, I just don't find a submission form
> particularly user friendly.
I have a suggestion for this. Compose your message in a text editor and copy
the message into the textbox when you are ready. This effectively deals with
both problems actually, you can keep your own copy of the file and where it
was sent. No it's not as convenient as having a record of it in your email
client. If the web app times out or craps out for some reason you can try
again as many times as it takes to submit it.
> And the submission form is not a particularly high guarantee of
> anonymity for the user of the form. Unless the sender sits behind a
> gateway or proxy mechanism of some kind, which is shared by many people,
> in many cases the identity of the sender could be correlated via IP
> addresses rather easily, if a reasonably recent email from the sender is
> available. So while the website operator / recipient of the form based
> message may promise not to check IP addresses, this is of little
> consolation to anyone with a bit more technical savvy, who desires
> guaranteed anonymity. I bet most of us could figure out the identity of
> a high percentage of CLUG members by IP address. In some cases it may
> narrow it down to 2-3 people because they are sitting behind a common
> gateway or proxy-server, but even that is not particularly anonymous.
The Board is not interested in chasing down people who submit, this goes for
the Suggestion/Comment box. Sure there are server logs. I could also have
included code to track IP's. It was decided that this was not important and
ultimately not accurate anyway. With the high level of expertise in this
group, I would not be surprised if anyone within it that wanted to submit
something anonymously could probably do so.
This point is digressing. The bottom line is that if someone wants to indicate
who they are or how they can be reached they may include this in the message.
The form was designed simply. It works. The one suggestion that I will be
implementing is a way to select multiple Executive Board members if the user
wants to send multiple people as once but not the whole Board.
> But since I can send regular emails to the CLUG folks, it doesn't bother
> me that the form is on the CLUG site for those people who feel
> differently than me :)
Exactly, it's all about choice. You choose to communicate this way, for others
we have the Executive contact form and the Suggestion/Comment box. I find it
very interesting that so many people are questioning the validity of this
endeavor. The intention is to provide as many ways to reach us as possible.
We are trying to avail ourselves to anyone who cares to contact us. I can
tell you that not every Executive reads every single message on this list and
not necessarily every day either. If you want guaranteed success, you can use
the form or mail us directly. We haven't hidden our email addresses on the
mailing lists (they are in the archives) so it's not hard to fin out how to
get in touch with us.
GPG Fingerprint: FA4A 1EA3 A0EE A842 07BB 804C 0090 14F6 BE6E DE3D
Registered Linux User: #224211
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the clug-talk