Here's why you need CAPTCHA

I'm only a couple hours into my day today and so far I've received three different emails from three completely different senders, each inviting me to go look at the same exciting erotic webcam site. Each email message came from what I think is a legitimate sender -- the latest one, from some sort of online sushi-related website, which I think is owned by some sort of sushi restaurant or delivery service, probably based in France, given the domain name used. I don't think this online maki maker intended to advertise an adult website, but I suspect that they have open text fields in their registration forms or forward-to-a-friend forms that some spammer is exploiting to send out the gross porn links. And when I, and everybody else, report the mail as spam, the deliverability damage lands squarely on the sushi seller's domain and IP address. Which sucks.

The fact that the bad guys submitted my address to this form is just one of the reasons you shouldn't just accept every email address submitted to your website's registration form without scrutiny. I love my sushi, but not enough to order it online from France. These folks could benefit from email verification, CAPTCHA, and maybe even double opt-in, to help prevent the damage that is undoubtably occurring to their sending reputation right now.

If you want to learn more on the topic, I suggest heading over to the Kickbox blog to read "4 Ways to Protect Your Online Forms" by my work colleague Jennifer Nespola Lantz, where she talks about this kind of thing in more detail.

Post a Comment