[chiPHPug-discuss] making a spam-resistant e-card function

[Arlo L. <ar...@ar...>]

Hi folks,

I'm setting up an e-card sending function on a client's website, but I'm
concerned that it will be abused by spammers looking for a free way to send
mail. Do you have suggestions for how to prevent this?

I can limit the number of outgoing recipients and sanitize the input to
enforce that (I've seen people try to add a CC header to the recipient
address and then add hundreds of additional recipients to the CC) but I
imagine some spammers would still fool around with it. Maybe that's okay as
long as they're not able to send more than one message at a time.

I can also add a CAPTCHA to the form, but I don't have a sense of how much
of this activity is automated vs. an actual person with a lot of time on his
hands. I've seen spammers registering for forums who are apparently sitting
there and going through the manual registration process.

My client can't imagine anyone would bother with his e-card form, but I've
seen so much garbage coming through my own sites that nothing would surprise
me!

Thanks,
-Arlo

_______________________________

Arlo Leach
773.769.6106
http://arlomedia.com

Make friends with your computer
http://compyschool.com