www.webdeveloper.com
Results 1 to 2 of 2

Thread: Mail Function Spam Issues

  1. #1
    Join Date
    Mar 2014
    Posts
    3

    Mail Function Spam Issues

    So, I'm using the mail(); function to send comments to my email address. I just made the site live about 4 days ago and yesterday I got what appears to be spam...

    Message 1 (Some Russian message about electric treadmills...)
    Phone: Technology
    E-Mail: robertsl@yandex.ru
    Message:

    Купить беговые дорожки для дома и похудения. Выбрать механические... <br /> Электрические беговые дорожки для дома работают благодаря электромотору, поэтому их не нужно самостоятельно приводить в движение. <br /> Звоните 8 9152669903, консультации бесплатно.
    Message 2
    Phone: 123456
    E-Mail: ol@aol.com
    Message:

    In this week's conversation keyed on online gambling simple, straightforward guy. casino online sverige http://kluhartem.com/ - online casino bonus casino online sverige casino online sverige Bob Kellie gambling $2, 603 150.
    It appears that they are legitimate messages from a visit to my site, but I just don't under stand how they found my site or why they would send it. Is it a person or some automated script doing it? would a captcha stop this?

  2. #2
    Join Date
    Mar 2007
    Location
    localhost
    Posts
    2,226
    You can filter for spam and or email addresses.

    the russian one is easy, you just look for .ru in the email address, you can then still have those messages sent to you but your mail() routine could add [SPAM] to the subject line, your email client can then filter all messages with a subject line that contains [SPAM] to a separate folder so you can then later look at designing a filter for your web form to recognize Spam so the flow is truncated at the server.

    Your mail() function can parse the body for keywords like ...

    gambling
    casino
    v.i.a.g.r.a and all its other permutations
    meds online

    etc., and do the same as previous, add [SPAM] to the subject line.

    Question.

    Does your form have a captcha script? If not your form will be open to abuse.

    One way of finding contact forms is when google crawls the site, your contact form is found, you may want to have the contact page name changed or to require a further click to a form that issues a web form and your handler script checks to see if it issued a web form because SPAM can come from a PUSH method, most forms follow a standard format of

    <field>
    <field>
    <field>
    <button>

    Which could be

    <Name>
    <Email Address>
    <Message>
    <Submit>

    some spam scripts will request the page, the format of the page is analysed for its fields and the names in the HTML to know what format the page is in to push a message.

    captcha will curb bots but the more sophisticated bots can mimic a human input, the flaw in captcha is in the audio, a bot can convert audio to words/letters/numbers if it has the capability to convert audio in to characters, the field validation can then be completed and spam gets through.

    Some devs may wonder why a spammer would go to such lengths, sometimes its like crackers, they do it because its a challenge to show just how clever they are and because they can.

    So the question is how far do you want to take this?
    Yes, I know I'm about as subtle as being hit by a bus..(\\.\ Aug08)
    Yep... I say it like I see it, even if it is like a baseball bat in the nutz... (\\.\ Aug08)
    I want to leave this world the same way I came into it, Screaming, Incontinent & No memory!
    I laughed that hard I burst my colostomy bag... (\\.\ May03)
    Life for some is like a car accident... Mine is like a motorway pile up...

    Problems with Vista? :: Getting Cryptic wid it. :: The 'C' word! :: Whois?

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles