[ruport]

Sending might be a problem because of massive spam abuse and maybe getting blacklisted in consequence. What do you think?

[Arnt]

Being able to reply would be good. Supporting sending other than replying will waste your time. The spammers will exhaust whatever rate limits you configure and try to get around the limits, and although the result may not be much spam, the work will take much of your time.

[cookiecaper]

I don't think there's anything wrong with offering this as a receipt-only email.

[Arnt]

Occasionally someone asks you to reply. Generally "click here to ack receipt of this mail" but sometimes "please reply to this mail to confirm that the email address works".

[polshaw]

I think you could make it not worth it for spammers fairly easily-- only allow sending to one recipient, captchas, rate limiting by IP etc.

[reacweb]

These 3 examples are easy to work around using zombies. Even whitelisting only people who have already written to you can be attacked.

[ruport]

so, from your point of view, are there any better ways to prevent automated spamming ?

[peterwwillis]

Look into how Cloudflare handles detecting abuse of bulk automated http requests (hint: browser trickery). RBLs will help, as well as basic rate limiting. You can also do heuristics on the rate of mails going out from multiple users in similar ways and impose a timeout on users when you detect something 'feels spammy'. Basically you just want to make it so annoying to send spam that they'll use someone else's service. You can also use obfuscation techniques to make it difficult for spammers to determine the method to use to automate requests.

[ruport]

hm yea, nice idea.. i already thought of such solutions. maybe i gonna realize it.