I get bounces and delivery-delay notifications from the package-server account signup/login system.
I am seeing a vast number of failed and delayed registration/login emails to suspicious-looking email addresses recently. I suspect we might be under spammer attack :-( We could do a few things: 1. switch to "log in with github", "log in with google", etc. 2. add a dumb domain-specific captcha like "(foldl + 0 '(1 2 3)) = ?" 3. add recaptcha I don't very much like 3 because eww, who wants to help train murderbots? I don't know if 2 will help, either in the short or long term. Picking 1 will turn people off and is generally a bit exclusionary. But I think 1 is likely the best option all around. Get someone else to do the expensive heavy lifting. Tricky problem. (Hard to imagine what the spammers are getting out of this, if even they're there... Perhaps step 0 is to keep better logs of what's going on in the system.) Tony -- You received this message because you are subscribed to the Google Groups "Racket Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/racket-dev/09e0b475-2b7b-93ab-fc54-d47cf21ced8f%40leastfixedpoint.com.
