Wednesday, March 4, 2009

Email Anti-Spam Tip

This tip will not completely prevent spam but will enable you to quickly deduce if you've got spam, how you the spam and help you decide what to do with it. It's quite simple, have your own email domain and give different email addresses at different places.

An Example


Today I've received this unsolicited (SPAM) email trying to frighten me into buying colnect.tw, colnect.cn and so on. Here it is:

From: kevin.wu

(If you are NOT CEO,please forward this to your CEO, because this is urgent.Thanks.)

Dear CEO,

We are the department of registration service in China. we have something need to confirm with you. We formally received an application on March 3, 2009, One Japan company called "Path soft investment Corp" are applying to register (colnect) as internet brand name and domain names as below (colnect.net.cn colnect.org.cn colnect.mobi colnect.asia colnect.hk colnect.cc colnect.tw etc.).

After our initial checking, we found the internet brand name and these domain names being applied are as same as your company’s, so we need to get the confirmation from your company. If the aforesaid company is your business partner or your subsidiary company, please DO NOT reply us, we will approve the application automatically. If you have no any relationship with this company, please contact us within 15 workdays. If out of the deadline, we will approve the application submitted by "Path soft Corp" unconditionally.

We would like to get the affirmation of your company,please contact us by telephone or email as soon as possible.

Best Regards,

Kevin Wu
Senior Director
TEL: +86 21 69929440
Fax: +86 21 69929447
Website:www.qpnic.org.cn
Shanghai QPNIC Web Property Solutions Limited


Now, this email was sent to management@ and webmaster@ (both of them at my domain colnect.com). However, since I never give these email addresses to anyone, it means that every email I get there is SPAM. Other common names such as info@ and contact@ and others are frequently used.
A short search on the Internet affirmed my suspicion of a scam, when I found this blog post and that one.

What About My Private Email?


Well, you can easily get yourself a free domain on any service that would freely forward your email (such as cjb.net). Then, whenever you register a website, make up an email site_x@mydomain.cjb.net and use it to register the site. You would always be able to receive such emails but when this address becomes 'dirty' (starts receiving much spam), you can filter out all emails coming to it. It's a better solution than one-time emails since sometimes you do actually want to allow the site to later contact you. It is also a completely legitimate email address.

Symfony: Error Logging Hack

Symfony is an excellent PHP framework used on Colnect. As any piece of software, however, it has its shortcomings. The good thing is that I can hack it to fit my needs when some things are not to my likings. A recent hack I've done (and should have done a long time ago) is about the error logs. Though the guidebook to Symfony describes logging at length I couldn't figure out how to easily add some useful information to any Exception thrown on my production machine.

The following hack can be has been customized for my needs but you can change it to your preferences. It'll change the output Symfony places in the PHP error log file.

What the Hack Does?


A boring Exception such as:
[04-Mar-2009 17:20:25] Action "coins/collect" does not exist.


Will become:
[04-Mar-2009 17:20:25] CODE[0] MESSAGE[Action "coins/collect" does not exist.]
FILE[.\config_core_compile.yml.php] Line[715]
REQUEST[/it/coins/sdlk] REFERER[]
AGENT[Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.6) Gecko/2009011913 Firefox/3.0.6] ADDR[127.0.0.1]


How To?


Find sfException class (should be /symfony/lib/exception/sfException.class.php) and add the following method:



public function getMessageFull() {
$exception = is_null($this->wrappedException) ? $this : $this->wrappedException;

try {
$sReq = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
$sRef = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
$sUserAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
$sRemoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

$sErrMessage = "CODE[".$exception->getCode().'] MESSAGE['.$exception->getMessage()."]"
."\n\tFILE[".$exception->getFile()."] Line[".$exception->getLine()."]"
."\n\tREQUEST[$sReq] REFERER[$sRef]"
."\n\tAGENT[$sUserAgent] ADDR[$sRemoteAddr]\n"
;
}
catch (Exception $e)
{
$sErrMessage = $exception->getMessage();
}

return $sErrMessage;
}


Customize this method to your needs. Make sure it doesn't raise any exceptions itself.
Now you need 2 more small changes in both sfException.php and sfError404Exception. Change the line:
error_log($this->getMessage());

to:
error_log($this->getMessageFull());


More Enhancements?


It's your call. You can email yourself an alert, include more system-specific pieces of information or use the code as is. It's obviously not the cleanest solution possible but it works for me and hope it helps you.

Wednesday, February 25, 2009

3,500 collectors on Colnect

Yesterday Colnect has passed the mark of 3,500 registered collectors. This is an increase of over 17% during the last 2 months. Just before starting this year, Colnect had passed the 3,000 collectors mark. Considering the fact that ridiculously little marketing work has been done (~$50 spent on ads...), I see this as a very respectable achievement that continues the growth that started when Colnect V2 was released.

How do collectors learn about Colnect?


As Colnect allows collectors to manage their personal collection and semi-automatically manage swaps with other collectors from around the world, it's the collectors' own interest to have their collector friends join the site. Why would a collector go through the swap and wish lists of another collector manually when a match to his own lists can be done using a single click?

So what's next?


Colnect will expand to more collectible fields as requests come from existing members of the community. Some requested premium services are also planned.

Link and Search

Did you like reading it? Stay in the loop via RSS. Thanks :)