Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 12 of 12
  1. #1
    Senior Coder
    Join Date
    Aug 2006
    Posts
    1,259
    Thanks
    10
    Thanked 277 Times in 276 Posts

    What are you doing with spam form inputs?

    I'm curious to hear what folks are doing with their form mailer routines, when they determine they have a bot or other spammer. Do you just stop processing right there? Do you display a "neener neener, this is spam" message back? Do you display a "thank you for your message, we will process it asap" message? Do you log it on the server for some reason? Do you track the reason why you determined it was spam?

  • #2
    Master Coder
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    9,493
    Thanks
    8
    Thanked 1,089 Times in 1,080 Posts
    I just display the "thank you" without processing it.

  • #3
    Senior Coder
    Join Date
    Aug 2006
    Posts
    1,259
    Thanks
    10
    Thanked 277 Times in 276 Posts
    Thanks for the input. I've been sending the message anyway with the subject line changed to ** SPAM ** and including the reason I call it spam. It's interesting to see, but I'm not sure it's doing me all that much good and I am still clogging up the internets with all the mail being sent.

  • #4
    Master Coder
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    9,493
    Thanks
    8
    Thanked 1,089 Times in 1,080 Posts
    How important is the form?

  • #5
    Senior Coder
    Join Date
    Aug 2006
    Posts
    1,259
    Thanks
    10
    Thanked 277 Times in 276 Posts
    I have a couple being heavily spammed. One is a "add me to your mailing list" form, and the other is part of an FAQ. The second one is on my business site, so I don't want to accidentally miss a real question by tossing out what I thought was spam, so I've been scanning the spam mails as they come in. Fortunately my filter seems to be working well (for the moment), so I'm getting no false positives.

  • #6
    wlf
    wlf is offline
    New Coder
    Join Date
    Aug 2012
    Posts
    61
    Thanks
    0
    Thanked 2 Times in 2 Posts
    I like the "thank you" without processing approach as you don't give them a chance to understand whether it worked or not.

    I would avoid a "neener neener, this is spam" sort of message, probably they would be more likely to attempt something else.
    A good programmer is someone who looks both ways before crossing a one-way street. Free hosting

  • #7
    Regular Coder Nerevarine's Avatar
    Join Date
    Jan 2013
    Location
    Phendrana Drifts, Tallon IV, W-Class
    Posts
    285
    Thanks
    0
    Thanked 17 Times in 17 Posts
    Blog Entries
    3
    I disagree. Spammers are not exactly known for going to large lengths to post spam. You should at least include something that indicates that the message was discarded as spam. Then, a legitimate user could resend the message or contact the webmaster to let him/her know that the message failed.
    Time kills us in our sleep and we watch it happen in our dreams. -K.K.
    THE END-ALL PROGRAMMING REFERENCE: CLICK HERE (Courtesy of Major Payne)
    My username was previously L0adOpt1c. :: Please read this before posting in the HTML/CSS forum.
    Validate your HTML here and your CSS here. :: Need basic HTML/CSS tutorials? Click here, don't post about it.

  • #8
    Master Coder
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    9,493
    Thanks
    8
    Thanked 1,089 Times in 1,080 Posts
    loadopt1c has a good point. You'll never know if the user is a spammer or not. They now hire real people to spam forms and websites. I assume they pay them by how many they hit in one day. So protecting from spamming robots is not going to work anymore. That being said, a real user may fill it out wrong, or use "spamming" type words accidentally, so there should be some validation messages.

    I try to avoid any kind of online contact forms unless there is a system where the user registers and logs-in. That is inconvenient in some cases, but it is what it is.

  • #9
    Senior Coder
    Join Date
    Aug 2006
    Posts
    1,259
    Thanks
    10
    Thanked 277 Times in 276 Posts
    Quote Originally Posted by L0adOpt1c View Post
    I disagree. Spammers are not exactly known for going to large lengths to post spam. You should at least include something that indicates that the message was discarded as spam. Then, a legitimate user could resend the message or contact the webmaster to let him/her know that the message failed.
    Thing is, at this point I haven't received any legitimate mails that my sw decides is spam. So I'm hesitant to tell the spammers that I've determined their message is spam, in fear that they will change it around and fool my detection process the next time. I have no idea how focused they are on my particular site... maybe I'm reading too much into it. But over the years I've had to rewrite my spam detection several times as the spammers get better at what they do.

  • #10
    Senior Coder
    Join Date
    Aug 2006
    Posts
    1,259
    Thanks
    10
    Thanked 277 Times in 276 Posts
    Quote Originally Posted by mlseim View Post
    I try to avoid any kind of online contact forms unless there is a system where the user registers and logs-in. That is inconvenient in some cases, but it is what it is.
    But presumably you have this issue on your registration form then?

  • #11
    Master Coder
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    9,493
    Thanks
    8
    Thanked 1,089 Times in 1,080 Posts
    Of course ... A human spammer can fill out a form and answer all captchas, so they can post anything they want and never appear as spam. When I look at my emails, or content in a database, the spamming links, porn links, dating service content is all there.

    Spammers don't like to spend the time to register, but some still take the effort. Once registered, they can log-in and fill out contact forms just like anyone else.

    It's just an unfortunate part of using the internet ... which is turning into a worldwide garbage landfill.

  • #12
    Regular Coder Nerevarine's Avatar
    Join Date
    Jan 2013
    Location
    Phendrana Drifts, Tallon IV, W-Class
    Posts
    285
    Thanks
    0
    Thanked 17 Times in 17 Posts
    Blog Entries
    3
    Turning into? As far as I knew, it's always been that way. The spammers are just getting more brazen.
    Time kills us in our sleep and we watch it happen in our dreams. -K.K.
    THE END-ALL PROGRAMMING REFERENCE: CLICK HERE (Courtesy of Major Payne)
    My username was previously L0adOpt1c. :: Please read this before posting in the HTML/CSS forum.
    Validate your HTML here and your CSS here. :: Need basic HTML/CSS tutorials? Click here, don't post about it.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •