Jordi Canals wrote: > On Fri, 03 Dec 2004 09:43:10 +0800, Ho!Tech Guy <[EMAIL PROTECTED]> > wrote: >> I have a classified ad section on my site which uses a privacy mail >> function so users don't have to make their email address public. >> Recently >> though, the site has been mined (I assume) and spam is being sent. >> >> I was thinking that a "security code confirmation" type script would be >> good where the user has to enter the number shown in a graphic. Am I on >> the >> right track? If so, can anyone recommend a specific script? >> > > I cannot recommend a specific script, but a good article and tutorial > from the Zend website: > http://www.zend.com/zend/tut/tutorial-mehmet1.php
Another possible solution: Don't ever ever ever show the email address in any form, obscured or not, to ANYBODY. Build a form that has the recipient ID field, and use PHP to send the email. Record the IP address of the sender and datetime of the mail. If that same IP address tries to send more than N mails in time period T, just tell them they'll have to wait. I'm working on a site now where they tried to hide the emails -- They embedded the emails in a dynamic image, so they can't be scanned. Only problem: The URL to reference the image has the email in the URL! They were a bit downcast when I tossed off a script in minutes to harvest every email from their site. :-^ Here's a Tip: Use "View Source" and "Find" and search for "@" If you can see an email in that mess, so can the spammers. Get rid of it. Also search for %40 and @ While spammers may not search for that directly, your email *WILL* show up in Google results, and you'll get nailed eventually. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
