CAPTCHA



CAPTCHA in Dada Mail

CAPTCHA may be used for:

Subscription Confirmations

A CAPTCHA form is shown after a subscriber clicks on a subscription confirmation URL and before they are allowed to subscribed.

Why then, instead of say, on the initial sign up form?

First, showing the CAPTCHA later is one less hurtle at the beginning of the subscription process.

Second, the actual confirmation process of Dada Mail is quite the hurtle for a bot to go through, before even attempting to solve a CAPTCHA.

Enabling

In the list control panel, navigate to: Manage List - Mailing List Options, under Subscriptions, check the option labeled, Enable CAPTCHA'ing

"Forward a Friend"

CAPTCHA protection in the "Forward to a Friend" Form is highly suggested, as this form is easy to spoof.

In the list control panel, navigate to: Message Archives - Archive Options.

Under, Basic Options check the option labeled, Enable CAPTCHA'ing on the, "Forward to a Friend" Form

Profile Registrations

CAPTCHA protection is available for Dada Mail Profile Registrations.

Enabling

CAPTCHA for Profile Registrations is enabled by default. If you'd like to disable CAPTCHA, you can do so in the config variable, $PROFILE_OPTIONS


CAPTCHA Configuration

$CAPTCHA_TYPE

Dada Mail supports two different CAPTCHA types. The first is just called, Default, the other one is called, reCAPTCHA. The Default CAPTCHA type is based on:

http://search.cpan.org/~burak/GD-SecurityImage/lib/GD/SecurityImage.pm

reCAPTCHA is based on the reCAPTCHA service:

http://recaptcha.net/

It's suggested that you use the reCAPTCHA service, as it's a lot more sophisticated than the Default type.

reCAPTCHA Configuration

Add the following lines to your .dada_config file:

        $CAPTCHA_TYPE     = 'reCAPTCHA';
        $RECAPTCHA_PARAMS = {
            remote_address => $ENV{'REMOTE_ADDR'}, 
            public_key     => undef,
            private_key    => undef,
        };

You will then have to fill in the, public_key and private_key in the $RECAPTCHA_PARAMS hashref:

First, grab an account:

https://www.google.com/recaptcha/admin/create

and fill in the public_key and private_key in $RECAPTCHA_PARAMS that are provided to you.

See Also:

http://search.cpan.org/~andya/Captcha-reCAPTCHA/

Default CAPTCHA Configuration

This CAPTCHA type also requires the GD CPAN Perl Module, which itself require the GD C Library. If you do not have those, you will have to install them separately.

In your .dada_config file, add the following line:

        $CAPTCHA_TYPE = 'Default';

If you would like to customize the Default CAPTCHA, also add the $GD_SECURITYIMAGE_PARAMS hashref:

        $GD_SECURITYIMAGE_PARAMS = {
            'rand_string_from' => 'ABCDEFGHIJKLMNOPQRSTUVWXYZaeiouy', 
            'rand_string_size' => 6, 
   
            'new' => { 
    
                width      => 250,
                height     => 125,
                lines      => 10,
                #gd_font    => 'Giant',
                send_ctobg => 1, 
        
                # There's some magic here, 
                # If the font is located in the, 
                # dada/DADA/Template/templates directory, 
                # You don't have to put the absolute path, 
                # just the filename. 
        
                font       => 'StayPuft.ttf', 
                bgcolor    => "#CCFFCC",
                angle      => 13, 
                ptsize     => 30,
                                          
            }, 
    
            create => {
    
               ttf => 'circle',
               # normal => 'circle',      
            }, 
    
            particle => [
                500, 
                undef
            ],
        };

and tailor to your taste.

See Also:

http://search.cpan.org/~burak/GD-SecurityImage/lib/GD/SecurityImage.pm

Each key in the $GD_SECURITYIMAGE_PARAMS hashref corresponds to the different methods of this module ie:


reCAPTCHA Mailhide

If you're using the reCAPTCHA service, you an also take advantage of reCAPTCHA Mailhide. In Dada Mail, this is used to protect individual email addresses in mailing list archives. Before an email address can be viewed, a CAPTCHA has to be solved.

Configuration

Add the following lines to your .dada_config file:

        $RECAPTHCA_MAILHIDE_PARAMS = { 
            public_key     => '',
            private_key    => '',
        };

You'll need to fill out the public_key and private_key with what's provided to you at:

http://www.google.com/recaptcha/mailhide/apikey

Enabling

In your list control panel, go to: Manage Archives - Advanced Archive Options, under, Email Address Protection select, reCAPTCHA MailHide.

Requirements

Although Dada Mail supports Captcha::reCAPTCHA::Mailhide, it does not come with it. This is because it's not possible to bundle the module with Dada Mail. You'll need to install it manually (using the CPAN shell, etc).

Installing the needed CPAN modules (cPanel)

If you have a cPanel-powered hosting account (Bluehost, for example) search within your cPanel for an icon labled, "Perl Modules" - the icon itself will be of the famous Perl camel. This part of your cPanel will allow you to install the needed CPAN Perl modules.

Within the screen, find the textbox labeled, Install a Perl Module and in the textbox itself, type in,

        Captcha::reCAPTCHA::Mailhide

and click the button labled, Install Now. The screen will refresh and go through the installation process.

Once finished and on the main Perl Modules screen, find the heading entitled, Using Your Perl Module(s). Below this heading, will be some snippets of code that you can include in your Perl program (like, Dada Mail) to then take advantage of the Perl modules you just installed. It'll look similar to this:

        BEGIN {
            my $b__dir = (-d '/home8/dadademo/perl'?'/home8/dadademo/perl':( getpwuid($>) )[7].'/perl');
            unshift @INC,$b__dir.'5/lib/perl5',$b__dir.'5/lib/perl5/x86_64-linux-thread-multi',map { $b__dir . $_ } @INC;
        }

Copy your specific snippet of code and Paste it into the dada/mail.cgi file, near the top - say, on the third line. The first two lines look like this:

        #!/usr/bin/perl
        package mail;

Save the dada/mail.cgi file and you should now have the ability to use reCAPTCHA Mailhide in Dada Mail. Rejoice!

See also:

http://search.cpan.org/~andya/Captcha-reCAPTCHA-Mailhide/


Loading