elive topaz specific instruction s page should be updated to modern times (example : "pay to install", "use the beta versions for cost free", etc)
also, on download page you should have more prominent details on how to report a broken download
elive topaz specific instruction s page should be updated to modern times (example : "pay to install", "use the beta versions for cost free", etc)
also, on download page you should have more prominent details on how to report a broken download
thanks @TheTechRobo, all reports fixed or improved
I thought he was the person you paid ? Does he still volunteer or something?
yeah in the past, actually not volunteering but we still friends and yesterday helped me setting up the catcha quite fast
I don't want to announce anything yet (not finished work) but im working -a lot- in the emailing system of the website of elive, im improving all the structure, for now we have a very good thing that will avoid people (or bots) entering fake emails, well, all the info is explained in the screenshot:
more features to come in progres... I will ping @TheTechRobo in the future to improve all the wordings on the website messages
Would asking for a verification from the same address be an option .... or do the bots have that covered too?
both yeah
bots seems like has this covered, i have see some emaisl which "clicks to every link found in the email" so yeah, there should be a lot of confirmations by bots too
and, asking for confirmation is also a bad thing, in the last months there have been many emails inserted which are fake, making the server sending emails to everywhere (and thus, being categorized as spammer), so the best is to avoid in a first time to have emails inserted that are not reals
a very complex topic! but at least the website is receiving a lot of improvements with the new changes made...
That pink box you showed looks a LOT better than what I see.
they are different things, the one of your screenshot is a simple javascript that checks what you are writing in realtime, so if you include "@hotmail." it will show you this message, same but other message with other addresses like yahoo, etc (other ones that we are blacklisted at the moment), of course it can be improved to look better very probably looking like the other one, which works entirely different: the other one is on php, it verify if that email is on the database and if was hardounced on the past, or it validates the email (checks if the MX's of the domain exists, which is a very simple and not so reliable verification), now it verify via smtp if the email really exist AND if we can deliver to it
Suggestions about the ugly message? (yeah it can look nice like the other one, BUT about UX, i tried to put it in the bottom of the box: wrong, because there you have the autofill showing and it will be unreadable, and in the top: wrong, because it moves your writting box down in realtime and is a bit annoying... so in the right is not so bad, it shows to the user what needs to show
I have been working for infinite days (almost one month already) and im really tired of this (and not yet finished), but the emailing system is much more reliable now (the biggest amount of work is now by re-checking and removing all the old fake emails inserted by spambots).
We have sent you a confirmation email.
Your download ID is: xxxxxxxxx
Insert an Email address where you wish to receive the download
verify if already subscribed/unsubscribed: on this point no more checks are made, because they are meant to be considered "real subscribers" (after to have finished the full cleanup)
MX verification: if the email has no mx servers published, fail, this is a basic need for validating emails, message is:
This email is not accepted as valid because has no MX server, try again in a few seconds or use a different Email provider.
Temporary (disposable) email addresses are not allowed, please use a real one, you will not be subscribed if you don't confirm your email or you can change these preferences anytime
Unfortunately, this email is unable to receive emails from Elive, use a different one.
We are sorry but your email provider is not accepting right now emails from us. The only way to solve this is to write to your email support and asking them to whitelist the emails from elivecd.org. If you are using Hotmail or any Microsoft service we strongly encourage you to switch to a more reliable email like Gmail, otherwise, you will always have problems like this with any kind of email
also, as you see this is an "im sorry, karma" attack to these OMG-so-shity email services of MicroSh t
Already included, please wait the needed delayed time to receive your download
This Email was reported as fraudulent on the cleantalk.org website, which we cannot use in order to avoid spambots, if your email is real please contact us to know how to improve the filters.
Invalid Email.
This email seems to be incorrectly typed, fake, abandoned, or its provider service is rejecting to receive emails. Please use a different one, we suggest using Gmail addresses.
WARNING: seems like we have difficulties delivering emails to "DOMAIN", so we cannot confirm that you will receive our email. We suggest using a different address instead, like Gmail.
and then, the email is considered valid and inserted, otherwise trashed (except the last step which includes it -already-, because is not 100% proof)
@TheTechRobo do you have suggestions for the wording of these messages? (the quoted ones)
I suggest you use "email-address" consistently and just email for the sent message itself.
There's a few bad wordings, here and there but not too many.
Created one here: https://forum.elivelinux.org/t/hardening-elive-email-server
and edited some of the wordings. Would be nice if someone else checked those again.
how would you know this??
Most of the issues are because of run-on sentences, like this, they're very hard to read, they take a while to read, and so you should split it.
i know, but wordpress is a very sh#tty platform, too easy to break things up (also, these messages are in code), its very risky to touch anything in wordpress especially if you don't know "what things cannot be touched because breaks the entire solar system" or "how to fix X when Y happens"
by other side, after the new website will be start to be written (that's in process), maybe we can do that, a direct editing from the website itself, but from a temporary website https://webtest2.elivecd.org (user and pass is visitor / welcome), which is -ATM- a copy of the real website, but that stills being a little tricky and unreliable, let's see if we can do that soon
the second entry is an invisible fake "email" entry, spambots will fill up it, humans don't see that, so if is filled, submit is trashed
$ curl -Ls https://www.elivecd.org/newsletters/ | formfind
...
Input: NAME="email" (EMAIL)
Input: NAME="n_503e284f44_email" (EMAIL)
what do you mean? well, if you have suggestions for the quoted ones just tell me, so I can re-insert them, but basically these messages shows up like this one: Website of Elive, updates and changes - #108 by Thanatermesis (these ones in the same sizes, so that example includes 2-different font sizes, but of course this can be included if wanted)
note: probably today we can see running the new email validator, published i mean
That would mean we couldn't write any code in any Howto or post.
Anyway the job is done. The result is here.
In that case I still don't see why the website rewrite will still be using wordpress.
Let's move to angular + net core combo?
Or Flask or Drupal or Joomla! or something.
I've also heard good things about this:
i mean the wordpress platform is very delicated, very buggy prone and with lots of "things to know in order to not break everything" (fortunately it improved a bit over the time)
depends on specific plugins and templates using, just like a big marketplace of available plugins in case of extra ones needed, to migrate to something else will requite a very huge investment of time and/or economic
The new "delayed download" buttons are enabled back into the Stable download page, with all the features mentioned, in short: you cannot insert a fake email
starting to betatest it and see that there's no spambots anymore...
More improvements to avoid spambots:
the system is becoming smarter than ever