Hi Matt,

Some do, some don't.  I've seen both methods used on some customer sites.

Setting session variables on the form page definitely wouldn't work, as a 
spammer that hits the form would receive the same session information anyone 
else would.

Certainly checking data against constraints is _always_ important, whether to 
prevent hacking, avoid data exceptions, enforce business rules, etc.

The method you outline seems like it would only work if the spammer doesn't 
submit to all fields.  Some of the attempts we've seen populated all fields, so 
this wouldn't work on those.

I'd stick with CAPTCHA as the best and most foolproof method to avoid these 
problems.  It's fairly easy to implement (there are a number of free examples 
in public domain), is familiar to most people filling out the forms, and works 
well.

Darin.


----- Original Message ----- 
From: Matt 
To: declude.junkmail@declude.com 
Sent: Wednesday, April 09, 2008 8:55 AM
Subject: Re: [Declude.JunkMail] form spam filter


The form spammers are smarter than to go directly to the mail script.  They 
will hit the form submission page with what appears to be IE and submit the 
form.  They even handle cookies correctly.

The trick for form spam is to take fields like your Name and E-mail and rename 
the variables to something like "ignore-old-data1" and "ignore-old-data2" and 
adjust your mailer script for the new names.  Then you insert new form fields 
in the form page that are hidden with a DIV and call them Name and E-mail.  
Your mailer script should pretend that the E-mail was successful if these 
fields have data in them, but you should simply 86 the actual message.  This 
will trick their testing software into thinking that they were successful, and 
the DIVs with visibility hidden will not be seen by normal visitors.  You 
might also want to put some JavaScript in the form submission page that looks 
for a URL in the form and warns the submitter that they can't send URLs, and 
then also have the mailer script silently reject a submission that has a URL in 
it.  RegEx would be required in both JavaScript and the ASP or whatever code to 
do the URL checking.

As far as I know, this seems to work perfectly, but setting session variables 
on the form page doesn't do a damn thing.

Matt
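Matt's hidden-field layout and URL check, written out as an added example (this is not code from the thread). The field names, the extra `message` field, the URL regex and the return shape are assumptions for illustration; the same regex is shared by the client-side warning and the server-side mailer check.

```javascript
// Added example, not from the thread. Assumed form layout (Matt's trick):
//   real inputs renamed "ignore-old-data1" (name) and "ignore-old-data2" (e-mail),
//   decoy inputs "Name" and "E-mail" placed inside a DIV with visibility:hidden.
const URL_RE = /\b(?:https?:\/\/|www\.)[^\s<>"']+/i;
const REAL_FIELDS = ['ignore-old-data1', 'ignore-old-data2', 'message'];

// Client side (form page): returns a warning string if the text carries a URL.
function urlWarning(text) {
  return URL_RE.test(text) ? 'URLs cannot be sent through this form.' : null;
}

// Server side (mailer script): classify one submission, an object of
// field name -> string. deliver=true means actually send the mail;
// fakeSuccess=true means show the normal "thank you" page anyway.
function classifySubmission(fields) {
  const get = (k) => (fields[k] || '').trim();
  // 1. Honeypot: humans never see "Name"/"E-mail", so any content means a bot.
  //    Pretend success but drop the message, so the bot's tester is fooled.
  if (get('Name') !== '' || get('E-mail') !== '') {
    return { deliver: false, fakeSuccess: true, status: 'honeypot' };
  }
  // 2. URL in any real field: silently reject, as Matt's mailer does.
  for (const k of REAL_FIELDS) {
    if (URL_RE.test(get(k))) {
      return { deliver: false, fakeSuccess: true, status: 'url', field: k };
    }
  }
  // 3. Ordinary constraint checks on the real fields (Darin's point).
  const emailOk = /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(get('ignore-old-data2'));
  if (get('ignore-old-data1') === '' || !emailOk) {
    return { deliver: false, fakeSuccess: false, status: 'invalid' };
  }
  return { deliver: true, fakeSuccess: false, status: 'accept' };
}

// Constructed sample submissions for illustration.
const SAMPLE_HUMAN = { 'ignore-old-data1': 'Jane Doe',
  'ignore-old-data2': 'jane@example.com', message: 'Question about pricing.' };
const SAMPLE_BOT = { Name: 'Jane', 'E-mail': 'j@example.net',      // filled every field
  'ignore-old-data1': 'Jane', 'ignore-old-data2': 'j@example.net', message: 'buy now' };
const SAMPLE_URL = { 'ignore-old-data1': 'Bob',
  'ignore-old-data2': 'bob@example.com', message: 'see http://example.com/offer' };
```

A bot that fills every field, the case Darin raises, is caught by step 1 precisely because the decoy fields are among those it fills.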



Darin Cox wrote: 
  Since forms all use different emailers, and the form content is different as 
well, your only hope is content filtering based on what the spammer 
submitted... like SURBL filtering or REGEX on the spammer submission.

  These days, web-based form processing pages should minimally check that the 
referring page is what it is supposed to be (i.e. the form page submit button 
was clicked as opposed to a spammer submitting directly to the form action 
URL), and better yet implement CAPTCHA, require a login, or some other similar 
security measure.

  Darin.


  ----- Original Message ----- 
  From: Craig Edmonds 
  To: declude.junkmail@declude.com 
  Sent: Wednesday, April 09, 2008 3:16 AM
  Subject: [Declude.JunkMail] form spam filter


  Hi All,



  Is there a filter for form spam?



  Some clients complain that they get form spammers sending in junk via their 
web forms.

  Some clients have captchas on their forms some don't, but I would like to be 
able to filter out the junk at declude level.



  Any ideas?



  Kindest Regards
  Craig Edmonds
  123 Marbella Internet
  W: www.123marbella.com
  E : [EMAIL PROTECTED]



  LEGAL DISCLAIMER - This message may contain confidential, proprietary or 
legally privileged information and is intended only for the use of the 
addressee named above. If you are not the intended recipient of this message 
you are hereby informed that you must not use, disseminate, copy it in any form 
or take any action in reliance on it. If you have received this message in 
error please delete it and any copies of it and notify it to the sender. 



  LEGAL NOTICE - This message may contain confidential, proprietary or legally 
protected information and is intended solely for the use of the addressee. If 
you are not the intended recipient of this message, you are hereby informed 
that you must not use, disseminate, copy it in any form, or take any action in 
reliance on it.




  ---
  This E-mail came from the Declude.JunkMail mailing list. To
  unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
  type "unsubscribe Declude.JunkMail". The archives can be found
  at http://www.mail-archive.com. 
  ---