I have a simple contact me script that sends me personal emails about people wanting more information about my services. However, I have been getting lots of random spam. Can someone hook me up with a script that will help stop the spam? Below is one of the many sample spam messages I get each night. I get around 5-15 per day and less than 1 actual email per week that is legitimate. Any suggestions would help. I used to have a javascript applet that would return an error message if all fields weren't filled in, but that didn't help. Any help would be appreciated. Robert M. Cavezza Here's a sample spam message I have been getting from my script. ====================================================== ====================================================== ====================================================== Array ( [name] => victorianessaff [emaill] => viepaypezek112@gmail.com [state] => Namibia [class] => 2009 [comments] => nice tablets quality <a href=http://airsoftgunhelp.com/airsoft/member.php?u=28132>buy xanax without prescription</a> pharmacy technician <a href=http://forums.trumba.com/index.php?showuser=2848>buy valium online</a> comment avoir ventre plat <a href=http://www.myiwc.com/forums/member.php?u=3357>zoloft online pharmacy</a> health wellness program <a href=http://forums.epicgames.com/member.php?u=1363354>buy soma online</a> healthy recipe <a href=http://boinc.umiacs.umd.edu/view_profile.php?userid=20905>purchase ativan</a>
Can you name any captcha's that are easy to understand (I sometimes have to reenter the captcha 3 times at certain webpages) that are free.
captcha is the only option to this. You will get the script for generating captcha. It used GD library. Every contact us page or comment page where login is not required should be protected with captcha to prevent the email flooding by spamming bots.
It is not the only option, and not the most effective as it can be easily cracked. Personally, I use "question asking" where you ask the user a question and have an answer before hand. Something like 1 + 365, what color is an orange, etc. I found this method 100% fool proof. Peace,
I installed the captcha zdr yesterday and still received 5 more spam emails last night. That captcha is "question asking" such as azizny's post. Should I post my entire php file so you guys understand the code I have thus far?
Hi, I've found picture selecting to be the best form of human verification, for example, you ask the following question? Which one of these is a balloon? - Then show three/four small photos containing different objects, there is no way for automated spam bots to recognize from a photo which object is the correct one. It's actually very simple to create (if you know the basics of PHP) 1. Before anything else generate a random number based on how many images you have, store this in a session variable. 2. Show the question (from array/txt/database) and three or four small photo's giving them option boxes at the side to go with it, with the names of 1, 2, 3, 4. 3. On the final page, after submission - Use the random number in the session variable as an index to re-select the question (from either array/txt/database) and check the entered value against the correct one. It's a good idea to make your own captcha verification or modify an existing one, as this will give your website some uniqueness so that the spam bots will not have any routines recorded to get around your captcha system. Done a quick search on google and found an example of what I was talking about, here - Although this one looks ugly and is way too big for a normal contact form. Hope it helps a little. Regards, Steve
A simple fix would likely be to just check the referral as most spammers don't bother sending it. This would probably fix 98% of your issues
Block referrers coming from anywhere else other your site. $domain = ("http://yourdomain.com"); $ref = getenv ('HTTP_REFERER'); if(eregi($ref,$domain)) { //Send email here. } else { exit(); //Stops the entire script. } PHP: And use a captcha as well to maximize protection.
Mmmh,, I've got a recaptcha on my website and ever since spam stopped completely. Images are "easy to understand" and a refresh button is included. Easy to install as well.. http://recaptcha.net/
And, if you'd paid attention to the latest 4chan / Anonymous Time Magazine hack, you'd know that reCaptcha isn't even remotely safe - although it would take some dedication to beat it.
-[z]- method is best one i am using that from long time checking referrer is the best method to avoid bots or any automated scripts
You can spoof the referrer without cURL and most bots send referrers to try and get past this check, thats why I said use both methods. And as for reCaptcha I personally don't trust them... I use a free captcha script that I modified to keep the spam at bay. To be perfectly honest, some spammers will work hard to get the stuff posted/submitted even logic questions can be beaten with help of a Google and Yahoo! Answers scraper and the other problem is that it easy to make a scraper but at least the logic formula will be a challenge to crack. But overall a captcha and referrer check should protect you from most spam and the spam that gets through is just a fact of life that...