Re: AUDITORY Digest - 13 Jul 2001 to 14 Jul 2001 (#2001-137) (Jont Allen )

Subject: Re: AUDITORY Digest - 13 Jul 2001 to 14 Jul 2001 (#2001-137)
From:    Jont Allen  <jba(at)RESEARCH.ATT.COM>
Date:    Sun, 15 Jul 2001 10:44:37 -0400

Dan, mailman does something smart. It does not make the list so transparent. If you look at, at the corespondent list, the email URL is broken up so that it does NOT make a legal email address. This makes it much harder for a robot crawler to automatically generate a spamming list. I suggest you do the same to our names. For example, replace the (at) with " at " would do it, or just replace the (at) with a dash, *, blank etc. Jont Automatic digest processor wrote: > There is one message totalling 54 lines in this issue. > > Topics of the day: > > 1. Those messages about "AUDITORY list edit URL" > > ---------------------------------------------------------------------- > > Date: Sat, 14 Jul 2001 11:51:15 -0400 > From: Dan Ellis <dpwe(at)EE.COLUMBIA.EDU> > Subject: Those messages about "AUDITORY list edit URL" > > Dear List - > > Last night, every one of you was sent an email message giving you the > passcode-protected URL through which you can edit your AUDITORY list > information. Although the URL and the web page are legitimate and > work correctly, the message informing you of the URL was sent in > error. My apologies for the confusion this has caused. > > What happened was this: As many of you know, I have been quietly > implementing a more automated web-based system for maintaining the > list. In order to make it fully automatic, I needed a way to let > individual list members find out the passcode-secured URL to edit > their own entries. Anyone who knows the main list index URL ( > audindex.html ) can view the information > record for any of the list members who are listed there. (That was the > point of gathering this information in the first place, so that other > members of our community could refer to it.) Of course a casual > reader cannot change the information, but there is a link on the record-view > page that, if clicked, results in an email message being sent to the > registered email address for that user giving them the URL including > the passcode that they should acccess to change their record. Thus, a > list member can go to the index, view their record, then, if they want > to change something but don't have a record of their passcode, they > can click the link and it will be sent to them. Anyone else could > click that link too, but it would only send a message to the > registered user. > > Last night, audindex.html was found by a web-crawler robot, which I > suppose was bound to happen sooner or later. Every single member page > was retrieved, and every single "mailback the URL" link was hit. > Since the system is still being debugged, I cc: all the automatic > messages to myself, so I had over 1000 messages in my inbox this > morning! > > The good news is that the system appears to have handled the > exceptional load without any major problems. Also, now that this > problem has been identified, I have updated the site's "robots.txt" > file to make sure that co-operative webcrawler robots know not to do > this again. So I hope we won't see a repetition. > > Apologies again for the confusion. I welcome comments on this setup > or situation. > > Best, > > -- DAn Ellis <dpwe(at)> > Dept. of Elec. Eng., Columbia Univ., New York NY 10027 (212) 854-8928 > > ------------------------------ > > End of AUDITORY Digest - 13 Jul 2001 to 14 Jul 2001 (#2001-137) > *************************************************************** -- Jont B. Allen, 973/360-8545 voice, 775/796-9844 (fax), 908/789-9575 (home fax) Technology Leader Speech Processing Software and Technology Research Room E161, AT&T Labs-Research, Shannon Laboratory 180 Park Ave., Florham Park NJ, 07932-0971

This message came from the mail archive
maintained by:
DAn Ellis <>
Electrical Engineering Dept., Columbia University