1. Home
  2. Categories
  3. Side Bar WTF
  4. Security by ignoring RFCs

Security by ignoring RFCs

  • S

    I think the real problem is email and we should all just start using Twitter instead. Any objections?

    0
  • morbiuswilters

    @snover said:

    I think the real problem is email and we should all just start using Twitter instead. Any objections?

    Other than you rezzing this 19-month-old thread to post this?  Nope.  None.

    1
  • S

    For what it’s worth, the thread was at the top of the list of sidebar WTFs when I responded to it. I don’t generally expect 19-month-old threads to be commingled with new ones on the first page. :\

     

    0
  • PSWorx

    @morbiuswilters said:

    Other than you rezzing this 19-month-old thread to post this?  Nope.  None.

     

    Besides, this was an actual new thought instead of the "lol so true" necro posts we usually get. So there.

    0
  • Mole

    It may be interesting to know about anothing gmail "feature". The fact that it completely ignores any periods in email addresses. It doesn't reject email with them in, it removes them completely before finding the target mailbox (but leaves them in the message for identification purposes). 

    So f.r.e.d.flintstone@gmail.com and fredflintstone@gmail.com are the exact same email box. 

    Therefore if the website your signing up to refuses to accept '+', just add a few '.'s instead. Sure, its not so good, but at least its a way of generating a unique email address that can be filtered. 

    1
  • Weng
    Garbage Person

    @Quietust said:

    Sure, it's a little bit slower, but it's a hell of a lot simpler than trying to keep one's site up to date with every new TLD that gets added.
    Actually, the IANA has a machine-readable list of valid TLDs provided at a fixed URL. You can therefore check for a valid TLD without ever actually updating your program.

    0
  • PJH
    Discourse touched me in a no-no place

    @Mole said:

    Therefore if the website your signing up to refuses to accept '+', just add a few '.'s instead. Sure, its not so good, but at least its a way of generating a unique email address that can be filtered. 
    Placement of dots in the local part of the address doesn't really help since the reason I was using the + form was to detect whether or not the place I gave the address to sold addresses (I also use sneakemail, but didn't bother in this case since it was a bank.) I don't filter on incoming addresses.

    Keeping a list of at least [<number of chars in local part>^2 addresses with all permutaions of local part plus dots] vs [the site I gave it to] is not my idea of fun.

    Update to OP btw (for anyone who cares, and feels the need to have the obvious stated) - they never did reply with a satisfactory answer.

    More fun ensued when I tried to close the account for other WTF reasons.

    1
  • ?

    @PJH said:

     Placement of dots in the local part of the address doesn't really help since the reason I was using the + form was to detect whether or not the place I gave the address to sold addresses

     

    I wonder how many places have just started droping the + and everything after it.

    0
  • PJH
    Discourse touched me in a no-no place

    @tster said:

    @PJH said:

     Placement of dots in the local part of the address doesn't really help since the reason I was using the + form was to detect whether or not the place I gave the address to sold addresses

     

    I wonder how many places have just started droping the + and everything after it.

    Of those that don't reject it? Not that many I suspect, since it's not really a well known/used thing to begin with. On a related note, of the spam I've bothered looking at on gmail, I've not noticed spammers (ab)using it either.
    0
  • H

    That sounds like my bank saying

    "For your convenience the bank will open half an hour later on Thursdays."

    B

    1
Log in to reply