[Mailman-Developers] CAPTCHA support
Rich Kulawiec
rsk at gsp.org
Wed Mar 9 08:43:18 EST 2016
On Mon, Mar 07, 2016 at 11:35:00AM +0100, Florian Fuchs wrote:
> There are a number of alternatives to captchas to prevent spam. None of them
> is perfect, but one I kind of like is the honeypot approach:
There are others as well. A few scattered examples:
1. Use the Spamhaus DROP and EDROP lists to forbid all access from
networks known to be hijacked and/or entirely controlled by spammers.
By "all", I mean "drop all packets at the firewall" and "do so
bidirectionally".
2. Use the various Spamhaus DNSBLs (particularly: Xen) to block
SMTP traffic. The false positive (FP) rate from this is neglibly low.
3. Use country-specific IP allocations (see: ipdeny.com) to grant
or deny access on a country-by-country basis. This won't work so
well for global mailing lists, but -- to make up an example -- a
list for skiers in western Colorado is unlikely to have subscribers
from Pakistan, Peru, or Portugal. So why not block those countries
entirely? The likelihood of a FP is tiny and can be mitigated by
providing a reporting method for those affected.
There are more, and the decision on which to employ depends on the
site, the list(s), the audience, etc. But these are well-understood,
reliable, robust, difficult-to-game, predictable methods which yield
excellent results.
---rsk
More information about the Mailman-Developers
mailing list