On Wednesday, 28 January 2015 at 04:17:12 UTC, Jonathan Marler
wrote:
Just had a thought. You could expose the email addresses only
for users that are logged in. That way the evil robots won't
be able to steal the email addresses but real people can still
access them easily. However, maybe it is meant to be difficult
by design? in which case nevermind :)
Registration on the forum is currently very simple because it
grants no additional privileges. Half of the spam that we had was
coming from registered accounts, so it's not likely to be a
considerable deterrent.
I have thought about (and even implemented, but never enabled)
adding a link which allows getting a user's email address after
solving a CAPTCHA challenge.
I am hesitant to enable this, because:
- The reCAPTCHA MailHide API documentation has been quietly
removed from Google's website.
- The email hiding feature on Google Code now no longer allows
solving a CAPTCHA to get an email address.
Something tells me that in spam economics, a working email
address is worth much more than the cost of solving a CAPTCHA.
Of course, in our case, it would be easy to harvest everyone's
email from the NNTP server. But most spammers don't know that.
