I know getting YouTube members' email addresses would be prone to abuse so I was wondering if there's any way we could get, at least, the MD5 for the email addresses.
I would like to check who is a member on a YouTube channel so we could offer perks outside of YouTube.
Any ideas?
Thank you very much.
Related
The question is simply the title.
Please don't tell me to go for a Twitter Data reseller like Gnip or Datasift as they're so expensive.
Thank you.
Run more than one twitter stream, there is no other way around to solve this issue. For running multiple streamer basically you need a dedicated twitter user, ip address and registered application for each streamer.
I am building an application using Ruby on Rails. I want to do something that I am not even sure is possible;
I have a mailer that is working, however I want to enable users to send emails using their own email address in the FROM parameter. Its almost as if the ":from" parameter has no effect on the email sent.
I'm a bit of a noob when dealing with email servers so please be as detailed as possible. I doubt there is a smtp mail server set up on my hosting account, so if I need to do something like install smtp on my hosting account please be as descriptive as possible.
You are able to set the From: field to whatever you want, theoretically, but in practice you are often limited as to what you can put in there. Many email providers will automatically replace the From address with your own regardless so that you can't masquerade as someone else.
You're probably intending to do something like this:
From: Example Customer Name <name#example.com>
Also keep in mind that sending email from arbitrary domains will result in a very high chance of being flagged as spam since you are most likely not listed as as a host authorized to send for those domains which is typically implemented with SPF.
The best practice is to set the address to be something like this:
From: Example Customer Name <you#yourdomain.name>
That way you're not spoofing your actual email address, only the associated label, which is not typically verified.
I need to check email accounts whether exists or not, I need to do that using Delphi and Indy (if possible)
I have a windows database for ERP system and I need to make sure that the customer enter valid email into the system so I can send to my customer the quotes they request.
I tried to test on yahoo and google using send commands HELO, MAIL and RCPT but no success.
Mail servers have to protect themselves against spammers and others with malicious intent. They are not going to give up their secrets easily. It is common for mail servers to be configured to black hole messages sent to non-existent recipients. They don't respond to the sender saying, "sorry, that user doesn't exist, please try again."
So, if you want to verify whether or not an e-mail address has a human behind it I think the only way to be sure is to send an e-mail requesting a response.
You have to ask your customers to confirm their email address, i.e. entering it twice to reduce misspellings, asking to register and sending an activation link and so on. State explicitly they need a valid email address: if they're asking you a quote why should they enter an invalid address? But be aware some people may use disposable email addresses to protect their real ones.
You have no way to check if an address really exists just asking its server. Due to the large amount of spam and techniques implemented by spammer to harvest and clean their addresses lists, most servers are setup to defend themselves.
That's why I suggested to "be polite". I am sorry if you got it the wrong way, I was just telling you that if your application shows a "spammer-like" behaviour (and your previous version of the question was much unclearer about your aims), it can lead to your IPs being blacklisted. Then you can have much more troubles to send quotes to customers.
You may try ICS components, an open source library with good examples (see SMTPClient).
So this library or another one will not tell you if an email account exists or not because it's depending on the way the host answer to the commands about a non existent account.
In ICS, when the command have been sent you may have to manage an event : SmtpRequestDone(Sender: TObject; RqType: TSmtpRequest;ErrorCode: Word);
Where ErrorCode is the Error code (ie 550).
In one of my Rails applications I'm sending emails through the Gmail SMTP server and everything just works, mails are not going to spam and so on ... But there's one thing that concerns me, the 500messages/day limit the SMTP has, currently I'm over 350/day. I didn't find any official Google page where they talk about the subject, just blog posts that seems to be reliable. Then my question is what do you suggest me in order to be able to send more than 500messages/day? I would love to keep using the Gmail SMTP.
Any help would be appreciated.
Don't use GMail for what it wasn't built for. It wasn't designed as a mass-email system, although Google definitely has the firepower to do this.
Instead, perhaps use something like SendGrid to send your emails. SendGrid is designed for this and is just as easy (actually, probably easier) to set up with than GMail.
You can consider using more than one gmail account to access the smtp server, however you may have problems with ip limits (couldn't find anything on their docs about it). Another option is performing dns mx lookups yourself and reproducing your own smtp server by directly delivering the messages to the user's emails - but that can increase the odds of you being tagged as a spammer as your ip is not whitelisted as sender.
I think the best way is to create another gmail account and trying to reroute your connection to use it when one of the accounts reaches the daily limit. A vpn connection can solve that for you.
I have a web app that requires a user to have an account. This user can then vote 'once' on a specific item. However, some users are signing up for lots of accounts to 'game' the system.
Does anyone have any ideas how you can restrict this type of thing?
Could I restrict number of signups per day per IP address? (what are problems with this?)
Any other suggestions???
You would do yourself one better by restricting the sign-ups to just a single IP address per user. This may not be good if you plan on having families all living under the same roof to have their own accounts, but in most cases this is practical.
Yes, restricting signups per IP is reasonable. I'd probably go with signups per rolling time period (say, a maximum of one new account in any one-hour period per IP). You might also flag suspicious signups (say, more than five per day per IP) for later followup.
You might also restrict users from voting until they've passed some hurdle, similar to SO's reputation system. Prevent poll voting until they've been a user for a week, have posted at least twice, have one friend request, etc.
I remember when I ran a online RPG I flagged when more than 5 or so accounts logged in with the same IP in the same day.
People mention the NAT issue. Read the header x-forwarded-for and compare that to the standard ip address.
If x-forwarded-for is present use this value. Most properly configured NAT routers will populate this field. The only ones that do not are typically anonymous proxies.
If you really are worried about people gaming the system, using a flash bit that uses sockets to connect, and provide say, session id, to the socket listener. You can then compare that with the ip address and x-forwarded for. If it does not match, they are behind an anonymous proxy. You could feel safe to not allow them to create accounts.
This works because most anonymous proxies out there aren't full Socks proxies where all network traffic goes through it, just HTTP. This worked very well for me in the past where we had a contest with voting and folks were using anonymous proxies to game the system.
Instead of limiting by account, you could set up limitations by email address. If users need to provide their email address, you already create one hurdle for them. Make sure they have to respond to a confirmation email to make sure the email address is real. Also keep track of email address and IP address, marking any count as suspicious where a single IP address has e.g. 5 or more email addresses. (In which case you could check those addresses to see if they are somehow related, like all from the same domain or similar names.)
Sure, people can create dozens of email addresses using GMail or Hotmail or even if they have their own private domain. But for many people this is already a bit too much. Basically, if you see 5 email addresses from gmail.com with the same IP address, it's suspicious.
One potential problem is if your users are behind a NAT such as a home router, ISP proxy, or corporate firewall. You will see the same IP for all of them.
Instead of blocking people I would simply record their IPs, create a report of duplicate IPs that you can run periodically to investigate suspicious activity.
In addition you can take a social approach, post the user's IP somewhere. This will provide a gentle warning and disincentive to people who fake accounts, as well as allow your community of users to potentially identify fakers.
I would recommend implementing a different authentication mechanism such as OpenID, or are Alex said, force the users to specify a valid email and send them confirmation links via email before accounts get created.
My preference is OpenID for sure.