Mail Function Spam Issues
So, I'm using the mail(); function to send comments to my email address. I just made the site live about 4 days ago and yesterday I got what appears to be spam...
Message 1 (Some Russian message about electric treadmills...)
Купить беговые дорожки для дома и похудения. Выбрать механические... <br /> Электрические беговые дорожки для дома работают благодаря электромотору, поэтому их не нужно самостоятельно приводить в движение. <br /> Звоните 8 9152669903, консультации бесплатно.
It appears that they are legitimate messages from a visit to my site, but I just don't under stand how they found my site or why they would send it. Is it a person or some automated script doing it? would a captcha stop this?
In this week's conversation keyed on online gambling simple, straightforward guy. casino online sverige http://kluhartem.com/
- online casino bonus casino online sverige casino online sverige Bob Kellie gambling $2, 603 150.
You can filter for spam and or email addresses.
the russian one is easy, you just look for .ru in the email address, you can then still have those messages sent to you but your mail() routine could add [SPAM] to the subject line, your email client can then filter all messages with a subject line that contains [SPAM] to a separate folder so you can then later look at designing a filter for your web form to recognize Spam so the flow is truncated at the server.
Your mail() function can parse the body for keywords like ...
v.i.a.g.r.a and all its other permutations
etc., and do the same as previous, add [SPAM] to the subject line.
Does your form have a captcha script? If not your form will be open to abuse.
One way of finding contact forms is when google crawls the site, your contact form is found, you may want to have the contact page name changed or to require a further click to a form that issues a web form and your handler script checks to see if it issued a web form because SPAM can come from a PUSH method, most forms follow a standard format of
Which could be
some spam scripts will request the page, the format of the page is analysed for its fields and the names in the HTML to know what format the page is in to push a message.
captcha will curb bots but the more sophisticated bots can mimic a human input, the flaw in captcha is in the audio, a bot can convert audio to words/letters/numbers if it has the capability to convert audio in to characters, the field validation can then be completed and spam gets through.
Some devs may wonder why a spammer would go to such lengths, sometimes its like crackers, they do it because its a challenge to show just how clever they are and because they can.
So the question is how far do you want to take this?
... and please remember to wrap code with forum BBCode tags:-
[CODE]...[/CODE] [HTML]...[/HTML] [PHP]...[/PHP]
If you can't think outside the box, you will be trapped forever with no escape...
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)