Menu
▾
▴
chiphpug-discuss
|
From: Arlo L. <ar...@ar...> - 2008-09-04 19:37:39
|
Hi folks, I'm setting up an e-card sending function on a client's website, but I'm concerned that it will be abused by spammers looking for a free way to send mail. Do you have suggestions for how to prevent this? I can limit the number of outgoing recipients and sanitize the input to enforce that (I've seen people try to add a CC header to the recipient address and then add hundreds of additional recipients to the CC) but I imagine some spammers would still fool around with it. Maybe that's okay as long as they're not able to send more than one message at a time. I can also add a CAPTCHA to the form, but I don't have a sense of how much of this activity is automated vs. an actual person with a lot of time on his hands. I've seen spammers registering for forums who are apparently sitting there and going through the manual registration process. My client can't imagine anyone would bother with his e-card form, but I've seen so much garbage coming through my own sites that nothing would surprise me! Thanks, -Arlo _______________________________ Arlo Leach 773.769.6106 http://arlomedia.com Make friends with your computer http://compyschool.com |
|
From: Neil Y. <ny...@as...> - 2008-09-04 19:43:22
|
I used to work for the Field Museum and our e-card sites would get slaughtered from what appeared to be automated spam generators - programs that would find the form and just start dumping email addresses and the spam text in. At the time a simple captcha was always enough to stop it, as the whole process seemed to be automated - there never seemed to be any human involved as far as I could tell or perhaps our home-brew captcha wasn't valuable enough for them to waste their time on. Neil Arlo Leach wrote: > Hi folks, > > I'm setting up an e-card sending function on a client's website, but I'm > concerned that it will be abused by spammers looking for a free way to send > mail. Do you have suggestions for how to prevent this? > > I can limit the number of outgoing recipients and sanitize the input to > enforce that (I've seen people try to add a CC header to the recipient > address and then add hundreds of additional recipients to the CC) but I > imagine some spammers would still fool around with it. Maybe that's okay as > long as they're not able to send more than one message at a time. > > I can also add a CAPTCHA to the form, but I don't have a sense of how much > of this activity is automated vs. an actual person with a lot of time on his > hands. I've seen spammers registering for forums who are apparently sitting > there and going through the manual registration process. > > My client can't imagine anyone would bother with his e-card form, but I've > seen so much garbage coming through my own sites that nothing would surprise > me! > > Thanks, > -Arlo > > _______________________________ > > Arlo Leach > 773.769.6106 > http://arlomedia.com > > Make friends with your computer > http://compyschool.com > > > > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's challenge > Build the coolest Linux based applications with Moblin SDK & win great prizes > Grand prize is a trip for two to an Open Source event anywhere in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > chiPHPug-discuss mailing list > chi...@li... > https://lists.sourceforge.net/lists/listinfo/chiphpug-discuss > |
|
From: Kieran H. <kha...@gm...> - 2008-09-04 20:43:36
|
One method I've used that seems to work rather well is to add one or two text fields to the form and use css to make them invisible. In your code, if there is anything entered in those fields you can ignore it because it was probably filled in by a bot. might not work as well as captcha, but at least there's no more to fill in from the user. found the idea here: http://www.modernblue.com/web-design-blog/fighting-spam-with-css/ -Kieran On Thu, Sep 4, 2008 at 2:43 PM, Neil Young <ny...@as...> wrote: > I used to work for the Field Museum and our e-card sites would get > slaughtered from what appeared to be automated spam generators - > programs that would find the form and just start dumping email addresses > and the spam text in. At the time a simple captcha was always enough to > stop it, as the whole process seemed to be automated - there never > seemed to be any human involved as far as I could tell or perhaps our > home-brew captcha wasn't valuable enough for them to waste their time on. > > Neil > > > Arlo Leach wrote: > > Hi folks, > > > > I'm setting up an e-card sending function on a client's website, but I'm > > concerned that it will be abused by spammers looking for a free way to > send > > mail. Do you have suggestions for how to prevent this? > > > > I can limit the number of outgoing recipients and sanitize the input to > > enforce that (I've seen people try to add a CC header to the recipient > > address and then add hundreds of additional recipients to the CC) but I > > imagine some spammers would still fool around with it. Maybe that's okay > as > > long as they're not able to send more than one message at a time. > > > > I can also add a CAPTCHA to the form, but I don't have a sense of how > much > > of this activity is automated vs. an actual person with a lot of time on > his > > hands. I've seen spammers registering for forums who are apparently > sitting > > there and going through the manual registration process. > > > > My client can't imagine anyone would bother with his e-card form, but > I've > > seen so much garbage coming through my own sites that nothing would > surprise > > me! > > > > Thanks, > > -Arlo > > > > _______________________________ > > > > Arlo Leach > > 773.769.6106 > > http://arlomedia.com > > > > Make friends with your computer > > http://compyschool.com > > > > > > > > > > ------------------------------------------------------------------------- > > This SF.Net email is sponsored by the Moblin Your Move Developer's > challenge > > Build the coolest Linux based applications with Moblin SDK & win great > prizes > > Grand prize is a trip for two to an Open Source event anywhere in the > world > > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > > _______________________________________________ > > chiPHPug-discuss mailing list > > chi...@li... > > https://lists.sourceforge.net/lists/listinfo/chiphpug-discuss > > > > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's > challenge > Build the coolest Linux based applications with Moblin SDK & win great > prizes > Grand prize is a trip for two to an Open Source event anywhere in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > chiPHPug-discuss mailing list > chi...@li... > https://lists.sourceforge.net/lists/listinfo/chiphpug-discuss > |
|
From: Arlo L. <ar...@ar...> - 2008-09-08 15:30:56
|
Hi folks, Thanks for the advice, Neil and Kieran! I think I will try this first, because it will be more streamlined for users... > One method I've used that seems to work rather well is to add one or two > text fields to the form and use css to make them invisible. In your code, if > there is anything entered in those fields you can ignore it because it was > probably filled in by a bot. ...but then add a CAPTCHA as a second step if we're still getting spam. Cheers, -Arlo _______________________________ Arlo Leach 773.769.6106 http://arlomedia.com Make friends with your computer http://compyschool.com |
|
From: Janine S. <jr...@ba...> - 2008-09-08 16:13:19
|
Arlo Leach wrote: > ...but then add a CAPTCHA as a second step if we're still getting spam. How do you add a CAPTCHA? Janine |
|
From: Trevor O. <tr...@gm...> - 2008-09-08 18:47:37
|
I suggest recaptcha. It's easy to embed in your site, it generates the images for you, and you do a service by helping people OCR scan books. 2008/9/8 Janine Starykowicz <jr...@ba...> > Arlo Leach wrote: > > ...but then add a CAPTCHA as a second step if we're still getting spam. > > How do you add a CAPTCHA? > > Janine > > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's > challenge > Build the coolest Linux based applications with Moblin SDK & win great > prizes > Grand prize is a trip for two to an Open Source event anywhere in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > chiPHPug-discuss mailing list > chi...@li... > https://lists.sourceforge.net/lists/listinfo/chiphpug-discuss > -- -Trevor Oldak |
|
From: Arlo L. <ar...@ar...> - 2008-09-08 19:35:54
|
Hello, > How do you add a CAPTCHA? This website has good instructions: http://recaptcha.net Cheers, -Arlo _______________________________ Arlo Leach 773.769.6106 http://arlomedia.com Make friends with your computer http://compyschool.com |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X