>- see footer for list info -< 1.21 gigwatts of electricity.. Of not sorry that's for the flux capacitor.
The time taken is gonna depend on the bot and where it is. Russ -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Damian Watson Sent: 18 August 2006 11:37 To: Coldfusion Development Subject: Re: [Spam] Re: [CF-Dev] Help ..! >- see footer for list info -< We're gonna give it a go. All it relies on is the assumption that a bot will submit the form very rapidly. Indeed it would be good to know how quickly these things operate- anyone got an idea? Dominic Watson wrote: >> - see footer for list info -< > Ah yes, very elegent, nice indeed. <input type="hidden"> tho?. Would > love to know if it works. > > On 18/08/06, Damian Watson <[EMAIL PROTECTED]> wrote: >> >> >- see footer for list info -< >> Nice ;) >> >> Snake wrote: >> >> - see footer for list info -< >> >> >> > Yes that would be simple. >> > <input type="text" name="timer" value="#now()#"> >> > >> > And on the submit page, lets assume you know it takes a human at >> least 1 >> > minute to fill out your form. >> > >> > <cfif Datediff('n', form.timer, now()) LT 1> Reject </cfif> >> > >> > Russ >> > >> > >> > >> > -----Original Message----- >> > From: [EMAIL PROTECTED] >> > [mailto:[EMAIL PROTECTED] On Behalf Of Dominic >> Watson >> > Sent: 18 August 2006 01:20 >> > To: Coldfusion Development >> > Subject: Re: [Spam] Re: [CF-Dev] Help ..! >> > >> > >> >> - see footer for list info -< >> >> >> > I am an ignoramus on this subject but a thought occurred to me whilst >> > reading.... >> > >> > When a bot does this auto form filling, does it do it instantly? If >> so, >> > would it be possible to somehow measure the time taken to fill in the >> form >> > (time taken between requesting the form page and the form result page >> > perhaps). Based on this time, the server could then reject the form >> > submission or allow it. >> > >> > A thought. I'm sure not an original one. >> > >> > On 17/08/06, Snake <[EMAIL PROTECTED]> wrote: >> > >> >>> - see footer for list info -< >> >>> >> >> Usually they are trying to hack vulnerabilities in web sites that >> >> allow thent o modify the mail headers and send spam out to multiple >> >> people via your mail forms. >> >> CF doesn't suffer form this problem, so only the person who is meant >> >> to get the feedback form gets the spam. >> >> >> >> Russ >> >> >> >> -----Original Message----- >> >> From: [EMAIL PROTECTED] >> >> [mailto:[EMAIL PROTECTED] On Behalf Of Damien >> >> Gallagher >> >> Sent: 17 August 2006 09:22 >> >> To: Coldfusion Development >> >> Subject: Re: [Spam] Re: [CF-Dev] Help ..! >> >> >> >> >> >>> - see footer for list info -< >> >>> >> >> Out of interest, what are they getting out of submitting, say, a >> >> feedback form loads of times? >> >> >> >> >> >> >> >> Rich Wild wrote: >> >> >> >> >> >>>> - see footer for list info -< >> >>>> >> >>> oh, I see, that's what a captcha is.. >> >>> >> >>> God I'm so old, I can't keep up with these new fangled wizbits. >> >>> >> >>> Anyway, if like me, you're not a fan of plugging other people's >> >>> things into your site without knowing what they do, that's basically >> >>> the theory. >> >>> >> >>> On 8/16/06, Rich Wild <[EMAIL PROTECTED]> wrote: >> >>> >> >>> >> >>>> "The only difficulty would this is get-aroundable by bots, assuming >> >>>> any bot writer cares enough about your site to spend the time >> >>>> rewriting their bot to regex your form field to get the magic >> >>>> word." >> >>>> >> >>>> Aha - so don't use words, use images. >> >>>> >> >>>> I've done this before, and its a little fiddly, but practically >> >>>> 100% spam safe. >> >>>> >> >>>> On the page hit, read a directory full of images that have magic >> >>>> words written on them, the file called the same as the magic word. >> >>>> >> >>>> Get a random one of those filenames: >> >>>> <cfset session.secureImageName = qryImageNames.name[randrange(1, >> >>>> qryImageNames.recordcount)]> >> >>>> >> >>>> set that to a session and display the image in the form - however, >> >>>> >> >> don't >> >> >> >>>> display it using simple <img src="images/secureImages/HYU78.jpg"> >> >>>> >> >>>> instead, use a CF page that serves up an image with the appropriate >> >>>> mimetype using cfcontent >> >>>> >> >>>> <img src="serveSecureImage.cfm"> >> >>>> >> >>>> In serveSecureImage.cfm, you read the session variable ( >> >>>> session.secureImageName ) you set before and return that using >> >>>> cfcontent. >> >>>> This means that bots can't simply read the html on the page and >> >>>> find >> >>>> >> >> the >> >> >> >>>> filename and use that in the input as the magic word. >> >>>> >> >>>> Alternatively, use an image making tag to write a randomly pulled >> >>>> magic word from a database or equivalent and simply serve that - >> >>>> this way >> >>>> >> >> just >> >> >> >>>> stops you having to have a directory full of images, but I had fun >> >>>> making those. >> >>>> >> >>>> If the magic word posted in the form don't fit the served image - >> >>>> don't send the mail! >> >>>> >> >>>> Richio McStitchio >> >>>> Chief Neckchief >> >>>> http://www.theideasbarn.com >> >>>> >> >>>> >> >>>> >> >>>> On 8/16/06, Duncan Cumming <[EMAIL PROTECTED]> wrote: >> >>>> >> >>>>>> - see footer for list info -< >> >>>>>> >> >>>>> I'm not a fan of captchas. Generally inacessible, unless you >> >>>>> also >> >>>>> >> >>>> make >> >>>> >> >>>>> an audio version available, and even then not the nicest hoop to >> >>>>> >> >>>> make users >> >>>> >> >>>>> jump through. >> >>>>> >> >>>>> One method I've seen elsewhere, but haven't used myself, is an >> >>>>> additional input box: >> >>>>> The magic word is blah. Please enter the magic word. >> >>>>> >> >>>>> The only place I've seen this method is the mysociety sites, e.g: >> >>>>> http://www.mysociety.org/?p=103 >> >>>>> >> >>>>> The only difficulty would this is get-aroundable by bots, >> >>>>> assuming >> >>>>> >> >> any >> >> >> >>>>> bot writer cares enough about your site to spend the time >> >>>>> rewriting >> >>>>> >> >>>> their >> >>>> >> >>>>> bot to regex your form field to get the magic word. >> >>>>> >> >>>>> >> >>>>> Duncan Cumming >> >>>>> New Media Developer >> >>>>> Customer Relations Management / Education Fife Council 700 4105 / >> >>>>> 01592 414105 >> >>>>> >> >>>>> >> >>>>>>>> [EMAIL PROTECTED] 16/08/2006 14:25 >>> >> >>>>>>>> >> >>>>>> - see footer for list info -< >> >>>>>> >> >>>>> Hi all. >> >>>>> >> >>>>> I have a contact form which submits an email (cfmail) The form is >> >>>>> being hit by a web bot and sent hundreds of times >> >>>>> >> >>>>> Is there any way I can stop this? >> >>>>> >> >>>>> regards - paul >> >>>>> >> >>>>> >> >>>>> _______________________________________________ >> >>>>> >> >>>>> For details on ALL mailing lists and for joining or leaving >> >>>>> lists, >> >>>>> >> >>>> go to >> >>>> >> >>>>> http://list.cfdeveloper.co.uk/mailman/listinfo >> >>>>> >> >>>>> -- >> >>>>> CFDeveloper Sponsors:- >> >>>>> >> >>>>>> - cfdeveloper Hosting provided by www.cfmxhosting.co.uk -< >> >>>>>> - Lists hosted by www.Gradwell.com -< >> >>>>>> - CFdeveloper is run by Russ Michaels, feel free to volunteer >> >>>>>> your >> >>>>>> >> >>>> help >> >>>> >> >>>>> -< >> >>>>> >> >>>>> >> >>>>> >> >>>>> >> >> >> ********************************************************************** >> >> >> >>>>> This email and any files transmitted with it are confidential and >> >>>>> intended solely for the use of the individual or entity to whom >> >>>>> >> >>>> they are >> >>>> >> >>>>> addressed and should not be disclosed to any other party. >> >>>>> If you have received this email in error please notify your >> >>>>> system manager and the sender of this message. >> >>>>> >> >>>>> This email message has been swept for the presence of computer >> >>>>> >> >> viruses >> >> >> >>>>> but no guarantee is given that this e-mail message and any >> >>>>> >> >>>> attachments are >> >>>> >> >>>>> free from viruses. >> >>>>> >> >>>>> Fife Council >> >>>>> Tel: 08451 55 00 00 >> >>>>> ************************************************ >> >>>>> >> >>>>> _______________________________________________ >> >>>>> >> >>>>> For details on ALL mailing lists and for joining or leaving >> >>>>> lists, >> >>>>> >> >>>> go to >> >>>> >> >>>>> http://list.cfdeveloper.co.uk/mailman/listinfo >> >>>>> >> >>>>> -- >> >>>>> CFDeveloper Sponsors:- >> >>>>> >> >>>>>> - cfdeveloper Hosting provided by www.cfmxhosting.co.uk -< >> >>>>>> - Lists hosted by www.Gradwell.com -< >> >>>>>> - CFdeveloper is run by Russ Michaels, feel free to volunteer >> >>>>>> your >> >>>>>> >> >>>> help >> >>>> >> >>>>> -< >> >>>>> >> >>>>> >> >>>> >> >>> _______________________________________________ >> >>> >> >>> For details on ALL mailing lists and for joining or leaving lists, >> >>> go to http://list.cfdeveloper.co.uk/mailman/listinfo >> >>> >> >>> -- >> >>> CFDeveloper Sponsors:- >> >>> >> >>> >> >>>> - cfdeveloper Hosting provided by www.cfmxhosting.co.uk -< >> >>>> - Lists hosted by www.Gradwell.com -< >> >>>> - CFdeveloper is run by Russ Michaels, feel free to volunteer your >> >>>> help -< >> >>>> >> >>> >> >>> >> >> _______________________________________________ >> >> >> >> For details on ALL mailing lists and for joining or leaving lists, go >> >> to http://list.cfdeveloper.co.uk/mailman/listinfo >> >> >> >> -- >> >> CFDeveloper Sponsors:- >> >> >> >>> - cfdeveloper Hosting provided by www.cfmxhosting.co.uk -< >> >>> - Lists hosted by www.Gradwell.com -< >> >>> - CFdeveloper is run by Russ Michaels, feel free to volunteer your >> >>> help >> >>> >> >> -< >> >> >> >> >> >> _______________________________________________ >> >> >> >> For details on ALL mailing lists and for joining or leaving lists, go >> >> to http://list.cfdeveloper.co.uk/mailman/listinfo >> >> >> >> -- >> >> CFDeveloper Sponsors:- >> >> >> >>> - cfdeveloper Hosting provided by www.cfmxhosting.co.uk -< >> >>> - Lists hosted by www.Gradwell.com -< >> >>> - CFdeveloper is run by Russ Michaels, feel free to volunteer your >> >>> help >> >>> >> >> -< >> >> >> >> >> > _______________________________________________ >> > >> > For details on ALL mailing lists and for joining or leaving lists, >> go to >> > http://list.cfdeveloper.co.uk/mailman/listinfo >> > >> > -- >> > CFDeveloper Sponsors:- >> > >> >> - cfdeveloper Hosting provided by www.cfmxhosting.co.uk -< >> >> - Lists hosted by www.Gradwell.com -< >> >> - CFdeveloper is run by Russ Michaels, feel free to volunteer your >> help >> >> -< >> >> >> > >> > >> > _______________________________________________ >> > >> > For details on ALL mailing lists and for joining or leaving lists, >> go to >> http://list.cfdeveloper.co.uk/mailman/listinfo >> > >> > -- >> > CFDeveloper Sponsors:- >> > >> >> - cfdeveloper Hosting provided by www.cfmxhosting.co.uk -< >> >> - Lists hosted by www.Gradwell.com -< >> >> - CFdeveloper is run by Russ Michaels, feel free to volunteer your >> help >> -< >> >> >> > >> > >> >> _______________________________________________ >> >> For details on ALL mailing lists and for joining or leaving lists, go to >> http://list.cfdeveloper.co.uk/mailman/listinfo >> >> -- >> CFDeveloper Sponsors:- >> >- cfdeveloper Hosting provided by www.cfmxhosting.co.uk -< >> >- Lists hosted by www.Gradwell.com -< >> >- CFdeveloper is run by Russ Michaels, feel free to volunteer your help >> -< >> > _______________________________________________ > > For details on ALL mailing lists and for joining or leaving lists, go > to http://list.cfdeveloper.co.uk/mailman/listinfo > > -- > CFDeveloper Sponsors:- >> - cfdeveloper Hosting provided by www.cfmxhosting.co.uk -< >> - Lists hosted by www.Gradwell.com -< >> - CFdeveloper is run by Russ Michaels, feel free to volunteer your >> help -< > _______________________________________________ For details on ALL mailing lists and for joining or leaving lists, go to http://list.cfdeveloper.co.uk/mailman/listinfo -- CFDeveloper Sponsors:- >- cfdeveloper Hosting provided by www.cfmxhosting.co.uk -< >- Lists hosted by www.Gradwell.com -< >- CFdeveloper is run by Russ Michaels, feel free to volunteer your help -< _______________________________________________ For details on ALL mailing lists and for joining or leaving lists, go to http://list.cfdeveloper.co.uk/mailman/listinfo -- CFDeveloper Sponsors:- >- cfdeveloper Hosting provided by www.cfmxhosting.co.uk -< >- Lists hosted by www.Gradwell.com -< >- CFdeveloper is run by Russ Michaels, feel free to volunteer your help -<
