The mailto: links have been replaced with a web form that alumni can use to send a message.
Since the website doesn’t require a login, it’s not totally spam-proof. I do include an MD5 hash of the real email address in the form as a hidden variable, so there’s some guarantee that you’ve at least fetched the form from my website before hitting submit. This isn’t much in the way of security, but it means that someone writing a robot to abuse the site would have to do some extra work (fetch the webpage first, grab the hidden field, and then submit it back with the spam message).
I’m also using the Email::Valid module to make sure that the return address is RFC822 compliant.
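A sketch of the hidden-field check described above, added here as an illustration and not the site's own code (written in Python rather than the site's Perl). It also goes one step beyond the post by showing a keyed, expiring variant of the same hidden field; `DIRECTORY`, `SECRET`, `MAX_AGE` and all function names are assumptions.

```python
import hashlib
import hmac
import time

# Constructed sample data: id -> address lookup standing in for the alumni database.
DIRECTORY = {"42": "alum@example.org"}
SECRET = b"constructed-demo-secret"  # assumption: server-side key, never sent to the client
MAX_AGE = 3600                       # assumption: a fetched form is valid for one hour


def md5_token(recipient_id):
    """Hidden-field value as the post describes it: MD5 of the real address."""
    return hashlib.md5(DIRECTORY[recipient_id].encode()).hexdigest()


def check_md5_token(recipient_id, token):
    """Accept the submission only if the hidden field matches the stored address."""
    addr = DIRECTORY.get(recipient_id)
    if addr is None:
        return False
    expected = hashlib.md5(addr.encode()).hexdigest()
    return hmac.compare_digest(expected.encode(), token.encode())


def _mac(recipient_id, issued):
    msg = f"{recipient_id}:{issued}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()


def timed_token(recipient_id, now=None):
    """Keyed variant: HMAC over id and issue time, so a fetched value expires."""
    issued = str(int(time.time() if now is None else now))
    return f"{issued}:{_mac(recipient_id, issued)}"


def check_timed_token(recipient_id, token, now=None):
    """Reject unknown ids, malformed or stale tokens, and MAC mismatches."""
    now = time.time() if now is None else now
    issued, sep, mac = token.partition(":")
    if not sep or not (issued.isascii() and issued.isdigit()):
        return False
    if recipient_id not in DIRECTORY:
        return False
    fresh = 0 <= now - int(issued) <= MAX_AGE
    expected = _mac(recipient_id, issued)
    return fresh and hmac.compare_digest(expected.encode(), mac.encode())
```

The MD5 value is the same on every fetch, so one copy of the form stays valid indefinitely; the keyed value forces a fresh fetch at least once per `MAX_AGE`.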
People have often asked why the website doesn’t use a password/registration model like alumni.net or classmates.com, because it would certainly do more to discourage spammers. It turns out that spam hasn’t been too big of a problem for the 1500+ alumni listed on the website for the past seven years, and the complexity of passwords and registration just makes things too difficult when all you want to do is send a quick hello to someone you haven’t seen in 10 or 20 years. For the time being, the trust model is working well enough.
Hello Michael,
Well, as far as security is concerned, how can you make sure that forcing the person to log in first is more secure? If the main idea is to stop the bots (these days bots are advanced enough to log in to a site, grab the cookies it gives and give the cookies back to it), then shouldn’t the following two be enough:
1) Passing the ‘id’ like you are doing. This is used to query the database to get the email address where email is to be sent when it is about to be sent.
2) If we use images that have some text written on them and ask users to enter that text. We can include a hidden field whose value is the MD5 hash of the text in the image plus some more text for added security. After this, when the user submits after typing the code, add the hash to the database to make it unusable for some future time like 1 hour, so that bots cannot use the code again. Increasing this time limit to infinity will mean a code/hash once used will never be used again.
But do we need security as tight as this?