Page 1 of 1

possible poisoning

PostPosted: Sat May 21, 2005 8:06 am
by guest
Hi. I'm wondering if you let users enter their IP/location corrections, will this possibly poison the DB? For example, a spammer in China corrects his IP/location to be the US and for those of us using the DB to filter SMTP connections based on country, the spammer would pass. It's a simple example, but you get what I'm saying..
I've just looked at this project and it looks great! My apologies if I have missed some doc where you coved my question.

Great work!

Re: possible poisoning

PostPosted: Sun May 22, 2005 10:39 am
by bfolkens
guest wrote:Hi. I'm wondering if you let users enter their IP/location corrections, will this possibly poison the DB? For example, a spammer in China corrects his IP/location to be the US and for those of us using the DB to filter SMTP connections based on country, the spammer would pass. It's a simple example, but you get what I'm saying..
I've just looked at this project and it looks great! My apologies if I have missed some doc where you coved my question.

Great work!


This is a concern we see a lot - there are several protective measures in place to prevent stuff like this happening.

As always, additional ideas are welcome

PostPosted: Fri May 27, 2005 8:34 pm
by Guest
You might want to be more specific about the counter-measures being implemented to prevent spoofing of IP data entries in the database, since it is going to be a major concern of any site administrator seeking accurate data, i.e. perhaps a user can't enter a city outside his country, for e.g.

PostPosted: Tue May 31, 2005 1:14 pm
by bfolkens
Anonymous wrote:You might want to be more specific about the counter-measures being implemented to prevent spoofing of IP data entries in the database, since it is going to be a major concern of any site administrator seeking accurate data, i.e. perhaps a user can't enter a city outside his country, for e.g.


Not a bad idea - I'll try to come up with something more formal and post it to the site since that's something a lot of people probably wonder about...