Site Links
Home
Features
Documentation
Pricing & Order
Members Area
Support Options
UBBDev.com
UBBWiki.com
Who's Online Now
2 registered members (isaac, Zarzal), 82 guests, and 228 spiders.
Key: Admin, Global Mod, Mod
Member Spotlight
QSS Tim
QSS Tim
Oroville, CA
Posts: 98
Joined: October 2004
Show All Member Profiles 
Top Posters(30 Days)
Gizmo 17
isaac 10
SteveS 8
Morgan 5
Ruben 4
jorb 4
Jake 1
Latest Photos
Test
Testing to drag photos
Comfortable Cats
Test
BSA photos
Previous Thread
Next Thread
Print Thread
Tell a Friend #137617
09/12/00 07:50 PM
09/12/00 07:50 PM
A
Anonymous OP
Unregistered

It would be nice to have something like this
<A HREF="http://www.local599.org/cgi-bin/tell/3/tell.cgi" target="_new">http://www.local599.org/cgi-bin/tell/3/tell.cgi</A>
to inform users of your site!

Express Hosting
Express Hosting "We are the official hosting company of UBB.threads. Ask us about our free migration services to migrate your UBB.threads installation."
Re: Tell a Friend #137618
09/12/00 08:37 PM
09/12/00 08:37 PM
A
Anonymous OP
Unregistered

I have three hacks that might interest you:

1. <A HREF="http://www.amdragon.com/cgi-bin/wwwthreads/showthreaded.pl?Cat=&Board=hack&Number=1444&page=2&view=collapsed&sb=5" target="_new">Tell-a-Friend</A>

2. <A HREF="http://www.amdragon.com/cgi-bin/wwwthreads/showthreaded.pl?Cat=&Board=hack&Number=1191&page=2&view=collapsed&sb=5" target="_new">Send this Post to a Friend</A>

and

3. <A HREF="http://www.amdragon.com/cgi-bin/wwwthreads/showthreaded.pl?Cat=&Board=hack&Number=1315&page=1&view=collapsed&sb=5" target="_new">Send2Friend PLUS</A>

- an enhanced version which has Send this Post to a Friend plus a Global HTML Email Option.

<img src="http://www.amdragon.com/images/eileensig.gif" alt=" - " />

Re: Tell a Friend #137619
09/13/00 09:54 AM
09/13/00 09:54 AM
A
Anonymous OP
Unregistered

Let me point out that, (without looking at the specific code for any of these hacks), the abuse potential on them is QUITE high, and I wouldn't (personally) recommend it to anyone.

D

Re: Tell a Friend #137620
09/13/00 11:13 AM
09/13/00 11:13 AM
A
Anonymous OP
Unregistered

Hi Dredd. We were thinking about implementing some sort of "tell a friend" thing but we were concerned about abuse too. We decided that once we got W3T up we would integrate it with that to have the message sent to the "friend" include the (already verified by W3T) email address of the person doing the sending (and they would be told that this would happen). The idea was that people wouldn't spam if they couldn't do it anonymously. We were also planning to notify the "friend" that they could have their email address put on a list to block such emails from our site in the future. I don't know if Eileen's hacks have such things already built in (I haven't looked). Do you think there would still be a significant risk of abuse? Any interesting stories you would like to share? Thanks.

Bill Dimm, <A HREF="http://MagPortal.com/" target="_new">MagPortal.com</A> - find magazine articles

Re: Tell a Friend #137621
09/13/00 11:28 AM
09/13/00 11:28 AM
A
Anonymous OP
Unregistered

Hotmail, Excite, Yahoo all offer what a spammer considers "throwaway" e-mail addresses.

e.g., they get a freemail account, register with your board, and then spam the hell out of someone.

It needs to have some rate-limiting involved. (e.g., maybe you can only invite X users per month, where X is some value calculated based on the number of posts you yourself have made. Likewise, address foo@domain.com can only RECEIVE Y invitations, to prevent someone from using you to mailbomb someone.)

It gets very cluttered and confusing, and (from my practical experience) isn't worth the effort, as the recipient almost always considers it spam and deletes it without reading.

D

Re: Tell a Friend #137622
09/13/00 12:08 PM
09/13/00 12:08 PM
A
Anonymous OP
Unregistered

Doesn't this sort of mail-bombing risk already exist with the "I forgot my password" feature in W3T?

Bill Dimm, <A HREF="http://MagPortal.com/" target="_new">MagPortal.com</A> - find magazine articles

Re: Tell a Friend #137623
09/13/00 12:18 PM
09/13/00 12:18 PM
A
Anonymous OP
Unregistered

Yes, it does. (Sadly). I haven't seen it exploited in the wild, but doesn't mean I think we should add a bunch of new "features" with the same vulnerability, either.

d

Re: Tell a Friend #137624
09/13/00 01:43 PM
09/13/00 01:43 PM
A
Anonymous OP
Unregistered

My hacks all include the poster's email address and they can only send to *one* recipient. I think it would take too much of their energy to keep sending over and over for them to bother. There's much easier ways to spam if that's what they're into...

<img src="http://www.amdragon.com/images/eileensig.gif" alt=" - " />

Re: Tell a Friend #137625
09/13/00 01:48 PM
09/13/00 01:48 PM
A
Anonymous OP
Unregistered

<blockquote><font size=1>In reply to:</font><hr>

I think it would take too much of their energy

[/quote]

Hmmm, LWP is your friend. Shouldn't be too hard to do:

foreach $victim (@bigarray)
{
my $req = new HTTP::request(GET "blahblah&address=$victim");
my $response = $ua->request($req);
}

(syntax here is intentionally boned, too lazy to look it up). Point is, it can't be that hard at ALL to use it as a nice convenient spam tool, using the web site's mail path as the source.

Muy muy bad.

D

Re: Tell a Friend #137626
09/14/00 02:25 AM
09/14/00 02:25 AM
A
Anonymous OP
Unregistered

Anybody who is prepared to go to those lengths is going to find a way whatever we do. I see no reason to cripple our sites in a futile attempt to thwart them.

<img src="http://www.amdragon.com/images/eileensig.gif" alt=" - " />

Re: Tell a Friend #137627
09/26/01 11:35 PM
09/26/01 11:35 PM
A
Anonymous OP
Unregistered

Just FWIW, we've had a "refer a friend" feature on our site for four years. We average 100K pages served per day and have our share of psychos and we've NEVER EVER had the "refer a friend" feature abused. Not one single complaint in four years.

So while I'm not saying it can't happen, there are

1. easier ways for stupid people to screw with you

and

2. easier ways for smart people to screw with you.

so it tends not to be an issue.


Shout Box
Today's Birthdays
No Birthdays
Recent Topics
header.php after update from 7.5.x to 7.6.x
by Zarzal. 12/12/18 05:29 AM
Does 7.6.2 support php 71?
by Baldeagle. 12/12/18 02:17 AM
Cannot contact support
by . 12/11/18 06:43 PM
errors importing a database
by andrewjs18. 12/11/18 03:51 AM
Private Message, Opt out of conversation
by jorb. 12/04/18 10:11 PM
Forum Statistics
Forums36
Topics35,176
Posts191,655
Members12,121
Most Online978
Jun 24th, 2007
Random Image
Powered by UBB.threads™ PHP Forum Software 7.6.2