The victim of a subscription bombing attack can't do much, they should be careful to shift through the garbage and find the real threat (password changes, bank transfers, etc).
Email admins can only do manual work, because I haven't seen anything automated that can help in these situations. My limited understanding, is that all forms must be protected. The biggest threat: headless browsers that by-pass protections like hidden input fields and javascript code. A realistic solution is a captcha, my personal preference is to avoid google's reCaptcha and use either a custom solution or cloudflare's hCaptcha. On Thu, 21 Jan 2021 10:15:03 +0100 Stefano Bagnara via mailop <mailop@mailop.org> wrote: > So I like your proposal, but I was looking for best practices to deal with > what happens now: forms being abused to fill email inboxes of innocent > victims. _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
