If you use fake email addresses that contain bogus domain names, I would think that they would get bounced at the first DNS server it encounters.
Good luck and keep up the good fight! M!ke -----Original Message----- From: Les Mizzell [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 14, 2006 10:46 AM To: CF-Talk Subject: Sorta OT: Form Spam Bots These little buggers drive me CRAZY! They visit your guest books and other forms and put in the most unimaginable porn links and crap ... OK, so I've carefully programmed filters to prevent any of this stuff from actually getting entered into my databases, and protected myself against SQL Injection attacks and all that. I know I can also put one of any number of "prove you're a human" solutions on the pages in question. Still, I like to keep up with what's visiting a couple of specific forms, so I still let them fill out the form anyway and their IP address and form contents gets emailed to myself for analysis and spam reporting. It's still blocked from the database though. But, I'm getting more and more p*ssed off about this crap everyday. So, I'm wondering - basically I'm just shutting a gate here and saying "keep out" - but I'm not hitting them over the head with a baseball bat when they try to knock on the door. Is anybody aware of any methods that allow you to go on the attack and *do something* to these buggers when they visit a form page? Yea, yea - we're getting into th gray area of "evil code" - but if nobody takes action against these things, they'll just get worse. For example, for email harvesters, I've got a page set up that auto-generates 25,000 bogus email addresses and has a number of random links that points the harvester back to the same page again. I have an alert that's emailed to me when a harvester hits the page, and at times I've seen one reload the page up to 10 times, just gobbling up addresses. What happens when the spammer uses the 250,000 addresses he/she just collected to send spam to? Ok, it's a headache for some network administrator somewhere, but I bet the "bounce" traffic makes them at least LOOK at what's going on and and a previously open relay gets closed. Anyway, sorry for wasting bandwidth. Just pondering things... ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:243484 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54