[thelist] State of the art in CAPTCHA decoding?

kasimir-k kasimir.k.lists at gmail.com
Wed Apr 18 16:41:38 CDT 2007

> On Wed, 2007-04-18 at 19:47 +0000, kasimir-k wrote:
>> 2. The most difficult spammers are actually human, not bots. Using 
>> rel="nofollow" attribute does discourage some, but instead of that I 
>> just disallow the string "http://" in the messages,

Shawn K. Quinn scribeva in 18/04/2007 20:48:
> This breaks anything with a legitimate need to use URLs. If the nature
> of the form is such that there's no legitimate need to post a URL,
> that's one thing, but the strength of URL syntax is what the U stands
> for: uniform.

Yes, so before using this approach one really has to consider which is 
greater trouble:
- spam resulting from allowing fully qualified URLs
- legitimate users inability to post fully qualified URLs

For example, I very rarely received legitimate URLs from my own site's 
contact form, but quite frequently spam with URLs. Since I started to 
disallow "http://" I have not received any spam from that form anymore.

How would you prevent human spammers posting links in forms?

> That, and I wouldn't be surprised if spammers start using gopher:// URLs
> instead, just to get around this.

Well, then it would be fairly easy to disallow that protocol too, 
wouldn't it?


More information about the thelist mailing list