Bitcoin Forum
December 10, 2016, 03:06:50 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: the exact reason why Flexcoin has a no links in e-mail policy  (Read 945 times)
the founder
Sr. Member
****
Offline Offline

Activity: 448


Bitcoin


View Profile WWW
September 02, 2011, 04:45:00 PM
 #1

From:    info@mtgox.com
Reply-to:    info@mtgox.com
To:    XXXX@XXXX.XXX
Subject:    [Mt.Gox] Your account blocked
Date:    09/02/2011 12:24:36 PM


Dear Mt.Gox user,

Your account will be blocked for violating the rules of exchange.
Details:https://www.mgtox.com/users/blocked  (edit -- the link goes to a scam site)

Thanks,
The Mt.Gox team

Bitcoin RSS App / Bitcoin Android App / Bitcoin Webapp http://www.ounce.me  Say thank you here:  1HByHZQ44LUCxxpnqtXDuJVmrSdrGK6Q2f
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481382410
Hero Member
*
Offline Offline

Posts: 1481382410

View Profile Personal Message (Offline)

Ignore
1481382410
Reply with quote  #2

1481382410
Report to moderator
1481382410
Hero Member
*
Offline Offline

Posts: 1481382410

View Profile Personal Message (Offline)

Ignore
1481382410
Reply with quote  #2

1481382410
Report to moderator
tysat
Legendary
*
Offline Offline

Activity: 952


Keep it real


View Profile
September 02, 2011, 05:18:15 PM
 #2

Because a no links in e-mail policy will stop spammers from putting in links?

It's unlikely that everyone (or even most) will remember the policy, so it's not a giant selling point.
the founder
Sr. Member
****
Offline Offline

Activity: 448


Bitcoin


View Profile WWW
September 02, 2011, 06:14:52 PM
 #3

Because a no links in e-mail policy will stop spammers from putting in links?

It's unlikely that everyone (or even most) will remember the policy, so it's not a giant selling point.

oh I don't care about "selling"  I care about not getting my clients scammed.   


Bitcoin RSS App / Bitcoin Android App / Bitcoin Webapp http://www.ounce.me  Say thank you here:  1HByHZQ44LUCxxpnqtXDuJVmrSdrGK6Q2f
lathomas64
Full Member
***
Offline Offline

Activity: 130


Working on a new game -- Fortunes


View Profile WWW
September 02, 2011, 06:21:22 PM
 #4

I think the point is that if there is a link in an e-mail, it is clearly a scam.

CTO and lead developer at Cliché Studio
free bitcoin every day
_______________________________________
12FHjesgiE7uSMPKwUYiYqUw2aE1kQF2aS
wolftaur
Member
**
Offline Offline

Activity: 112


View Profile
September 02, 2011, 08:07:07 PM
 #5

Because a no links in e-mail policy will stop spammers from putting in links?

It's unlikely that everyone (or even most) will remember the policy, so it's not a giant selling point.
oh I don't care about "selling"  I care about not getting my clients scammed.   

You'll want to make sure that it is made extremely clear to every user of your site that no REAL e-mail that comes from you will ever contain a link. For example, you might put it on the news page. Or have it so that when someone signs in they get a clear message about it at least once.

You will want to make sure that all of your customers, not just the customers on the forum, know that you have a very strict policy of not putting a link in an email. Your policy only has a chance of thwarting a scammer if the person who reads a scam mail knows "Oh, OK, I see a link, I know it can't possibly be from them even though it looks genuine otherwise."

The more educated your users are the more successful you have been in helping them thwart phishing.

"MOOOOOOOM! SOME MYTHICAL WOLFBEAST GUY IS MAKING FUN OF ME ON THE INTERNET!!!!"
kjj
Legendary
*
Offline Offline

Activity: 1302



View Profile
September 02, 2011, 08:22:09 PM
 #6

Hmm.  A policy.  That is a damn good idea.

A TXT record in DNS for the domain.

Code:
flexcoin.com. IN TXT "x=PHISHING v=1 U=none"

Then your mail client (or any server along the way) can say "this email claims to be from flexcoin.com.  flexcoin.com has a published policy that says they will never include links in their emails.  This email has a link in it.  Delete.  Notify spamcop, spamhaus and spamfrauline.  Block the source IP".

U could even be server and path, so that mails from your domain can only contain links that go back to places that you want them to go to.  Maybe have another field to act as a filter for attachments.

I wonder if we could get it implemented.

p2pcoin: a USB/CD/PXE p2pool miner - 1N8ZXx2cuMzqBYSK72X4DAy1UdDbZQNPLf - todo
I routinely ignore posters with paid advertising in their sigs.  You should too.
phillipsjk
Legendary
*
Offline Offline

Activity: 1008

Let the chips fall where they may.


View Profile WWW
September 02, 2011, 08:55:56 PM
 #7

I am not sure what the link looked like before editing, but I fail to see how a "no links in e-mail" policy helps anything. If your users don't remember the exact characters making up your website's URL, they may stumble accross a scam site using a similar name. The naive user method of typing the website name in a search engine can actually help in that case.

What you need is a "Plain-text e-mail only" policy: no URLs with one label, with the link going someplace completely different. You should also consider signing all e-mail with the OpenPGP standard; though you would have to educate your users not to trust a PGP signature until they actually verify it.

James' OpenPGP public key fingerprint: EB14 9E5B F80C 1F2D 3EBE  0A2F B3DE 81FF 7B9D 5160
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!