What about huge sites like Amazon.com? I can understand the desire to make forms more accessible, but it seems like you need to draw a line at some point. If you're getting thousands of form submissions a day, you're going to have to hire an army of people to manually sift through stuff. I think that's why the big companies implement a customer service number for people that can't use the forms.
> -----Original Message----- > From: Sandra Clark [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 26, 2006 6:13 AM > To: CF-Talk > Subject: RE: ANN: CFFormProtect, new open source project > > I went a different route on my blog. Besides accessibility > issues, I wanted > to make it my responsibility rather than my users to prove > they are human. > So I maintain a blacklist. > > More importantly I set two session variables on my comment form (a > session.commentuser and a session.commentdatetime) which I use on the > comment add page. If the session variables don't exist > (meaning the posting > didn't come from my form on my site, then the user is > blacklisted using both > ip and email. (When I was getting bombarded by spam > comments, I logged them > all and realized that spammers do re-use ip addresses and > email addresses). > I also maintain a word blacklist that blacklists all comments > containing > frequent spam words. I add to that all the time. > > When a new user comes in, the comment gets posted and an > email comes to me > with the comment. I have the option of either whitelisting a > user (in which > case they can post from that email and ip without further > intervention from > me. If the user is blacklisted already, their comment gets > thrown out and > never sees the light of day. New posters are sent to me and > I have the > opportunity to whitelist or blacklist them at that point. > > My spam has dropped from 100-250 spam comments a day to about > 5-15 a week, > which is extremely manageable. I need to rework the word > blacklist so that > I can update that automatically (currently its in an .ini > file, which I am > adding to manually and uploading). > > Although both Captcha's and Human Auth tags are understandable in the > context of being bombarded by spam, I don't think its fair to > require our > users to prove they are human. "EMF <idahopower.com>" made the following annotations. ------------------------------------------------------------------------------ This transmission may contain information that is privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you. ============================================================================== ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258142 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
