On Sep 24, 9:11 am, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> wrote: > We have a simple form that allows site visitors to request a free > issue of the magazines we publish. The form simply writes to the > database, and the info is later pulled by the circulation people so > they can send the issues out. The info does not appear anywhere on the > site, and is only used to fulfill the request. > > My problem is that for some reason spammers have latched onto this > form, creating a lot of grief when our circulation people are trying > to send out the requests. > > Nearly all of the spammers follow a pattern, giving random strings for > their address, city and email, like this: > City: bbaOWiatlF and email: [EMAIL PROTECTED] > > Does anyone have any suggestions on how to weed these goons out?
Maybe use a honeypot field in the form like the comments app does. You can even label it with a label that says "do not fill in this form or we will think you are spamming us". Hide this field on the form with CSS (display: none) so most users with modern browsers won't even see it. Spammers using automated tools typically fill in random garbage into all fields on a form. Reject any form submission that has that field filled in. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---