Subscription Mailbombing: Must Read

SendGrid's Paul Kincaid-Smith has a post up this morning about the "tsunami of unwanted email" generated by the bad guys out there using botnets to subscription bomb (aka harass) people, and why you should secure subscription signup forms.

The bad news is, this abuse causes problems for otherwise good email senders. You didn't cause it, but you'll get caught up in it, if you don't take precautions. If you have an email signup form out there in the wild, it's time to add a bit of security to it to prevent the pain you'll run into if and when you get Spamhaus blacklisted because your signup page got abused.

TL;DR? If you have an email signup form, you need to enable COI/DOI (double opt-in) and also add a CAPTCHA-like process (reCAPTCHA is recommended), or else when the botnet bad guys get to you, they're going to sign lots of people up to your lists who don't want to be there, and pain is sure to follow.
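To make the COI/DOI recommendation concrete, here is a sketch of a signup backend added as an example (it is not from Paul's post or from any particular ESP). The `SignupList` class, the `captcha_ok` and `send_mail` callables, the demo key, and the 48-hour and 24-hour limits are all assumptions made for illustration.

```python
import hashlib
import hmac
import time

SECRET = b"constructed-demo-key"  # assumption: a real key comes from a secret store
TOKEN_TTL = 48 * 3600             # assumption: confirmation links expire after 48 hours
RESEND_INTERVAL = 24 * 3600       # assumption: one confirmation mail per address per day

class SignupList:
    def __init__(self, send_mail, captcha_ok):
        self.send_mail = send_mail    # callable(address, token): sends the confirmation mail
        self.captcha_ok = captcha_ok  # callable(response) -> bool: server-side CAPTCHA check
        self.pending = {}             # address -> time the last confirmation mail was sent
        self.confirmed = set()        # only these addresses ever receive list mail

    def _sign(self, address, issued):
        msg = f"{address}|{issued}".encode()
        return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()

    def request(self, address, captcha_response, now=None):
        now = int(time.time() if now is None else now)
        address = address.strip().lower()
        if not self.captcha_ok(captcha_response):
            return "rejected"           # bot traffic never triggers any mail
        if address in self.confirmed:
            return "already-confirmed"
        last = self.pending.get(address)
        if last is not None and now - last < RESEND_INTERVAL:
            return "throttled"          # repeat submissions cannot re-mail the same person
        self.pending[address] = now
        self.send_mail(address, f"{now}.{self._sign(address, now)}")
        return "confirmation-sent"

    def confirm(self, address, token, now=None):
        now = int(time.time() if now is None else now)
        address = address.strip().lower()
        try:
            issued_s, mac = token.split(".", 1)
            issued = int(issued_s)
        except ValueError:
            return False                # malformed token
        if now - issued > TOKEN_TTL or address not in self.pending:
            return False
        if not hmac.compare_digest(mac.encode(), self._sign(address, issued).encode()):
            return False                # token was not issued for this address
        del self.pending[address]
        self.confirmed.add(address)
        return True
```

Mail to the list goes only to `confirmed`, so an address typed in by a bot receives at most one confirmation message per day and nothing else. The web handler should show the same response page for every return value of `request`, so the form does not reveal who is already subscribed.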
