Those messages about "AUDITORY list edit URL" (Dan Ellis )

Subject: Those messages about "AUDITORY list edit URL"
From:    Dan Ellis  <dpwe(at)EE.COLUMBIA.EDU>
Date:    Sat, 14 Jul 2001 11:51:15 -0400

Dear List - Last night, every one of you was sent an email message giving you the passcode-protected URL through which you can edit your AUDITORY list information. Although the URL and the web page are legitimate and work correctly, the message informing you of the URL was sent in error. My apologies for the confusion this has caused. What happened was this: As many of you know, I have been quietly implementing a more automated web-based system for maintaining the list. In order to make it fully automatic, I needed a way to let individual list members find out the passcode-secured URL to edit their own entries. Anyone who knows the main list index URL ( audindex.html ) can view the information record for any of the list members who are listed there. (That was the point of gathering this information in the first place, so that other members of our community could refer to it.) Of course a casual reader cannot change the information, but there is a link on the record-view page that, if clicked, results in an email message being sent to the registered email address for that user giving them the URL including the passcode that they should acccess to change their record. Thus, a list member can go to the index, view their record, then, if they want to change something but don't have a record of their passcode, they can click the link and it will be sent to them. Anyone else could click that link too, but it would only send a message to the registered user. Last night, audindex.html was found by a web-crawler robot, which I suppose was bound to happen sooner or later. Every single member page was retrieved, and every single "mailback the URL" link was hit. Since the system is still being debugged, I cc: all the automatic messages to myself, so I had over 1000 messages in my inbox this morning! The good news is that the system appears to have handled the exceptional load without any major problems. Also, now that this problem has been identified, I have updated the site's "robots.txt" file to make sure that co-operative webcrawler robots know not to do this again. So I hope we won't see a repetition. Apologies again for the confusion. I welcome comments on this setup or situation. Best, -- DAn Ellis <dpwe(at)> Dept. of Elec. Eng., Columbia Univ., New York NY 10027 (212) 854-8928

This message came from the mail archive
maintained by:
DAn Ellis <>
Electrical Engineering Dept., Columbia University