Re: web form and spam mails.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I found an ingenious idea online (don't remember the site) and implemented
it on a web-form and have 100% spam filtering and 100% valid emails going
through.

The concept is that you set a trap that the spam bots will fall into.  They
crawl your pages looking for forms.  When they find forms they try to fill
them out with their pre-created fields.  They will look for fields such as
Name, Address, Subject, Body, Email, Phone, etc.  Then they will craft a GET
string based off of the <form action=""> url.

So, I created a new input text field called "email2" which was used for the
REAL email field and I used my regular "email" input field as a trap.  Here
is my (very simplified) code:

<form name="info" action="send.php" method="post">
<input size="1" name="email" type="text" style="width: 1px; height: 1px;
border: solid 0 #FFF;" />
Name: <input size="30" type="text" name="name" /><br />
Email: <input size="30" type="text" name="email2" id="email" /><br />
Message: <br /><textarea name="message" id="message" rows="10"
cols="29"></textarea><br />
<input type="submit" value="Send now" class="submit"/>
</form>

You'll notice that the "email" field has some css which is telling it to be
1x1 pixels with a white border.  This makes it invisible and no human should
ever fill this out.  The spambots, on the other hand, come to the site, fill
out ALL the fields (especially the "email" field) and submit it.

At that point you just write some PHP code to filter out all emails which
have the "email" field filled out and continue posting/emailing the valid
ones.  In this case, my intent was to send emails upon submission.  Here is
the php validation code I wrote to do this:

<?php
/* SPAM TRAP */
$Email      = isset($_POST['email2']) ? $_POST['email2'] : '';
$Email_fake = isset($_POST['email']) ? $_POST['email'] : '';
$Name       = isset($_POST['name']) ? $_POST['name'] : '';
$Message    = isset($_POST['message']) ? $_POST['message'] : '';
$SendTo     = 'user@xxxxxxxxxx';

/* Spam bot filter */
if($Email_fake == ""){
    // Legitimate email
    mail($SendTo,'[Spam-free email]','Sent: '.date('m/d/Y h:i:s')."\nSender:
$Name ($Email)\nQuestion: $Message")
}else{
    // Spam Email
    mail($SendTo,'[Spam email caught]','Sent: '.date('m/d/Y
h:i:s')."\nSender: $Name ($Email)\nFalse Email: $Email_fake\nQuestion:
$Message");
}
    print '<h2>Thank you for your submission.</h2></p>';
// End of Spam Filter
?>

Hope this works for you.  It's working PERFECTLY for me.  I'd love to hear
any feedback on this as well. =)

Thanks,
Dean Householder


On 7/6/07, ~Tarun~ <tarun.virgo@xxxxxxxxx> wrote:
>
> Hello Members,
>
> I am facing big trouble with Spam mails.
>
> I hve webform on my website http://www.silvocrafts.com
>
> I have done all security measures but still this kind of mails is creating
> trouble for me. 100's of email daily like this. Please suggest how to
> prevent this kind of spamming in web forms by php.
>
> Attached the mail i get from web form.
>
> Regards,
>
> Tarun
>
> ----------------------------
> Silvocrafts.com Enquiry
> First name : hoodia diet
> Last name : buy hydrocodone online
> Email : 6dWzvQuEm@xxxxxxxx
> Company : le top de poker en ligne
> Business Type : Nature of your Business-
> Designation :
> Address : drug rehabilitation [url=
> http://www.cahunger.com/_disc1/000007fe.htm]drug rehabilitation[/url]
> http://www.cahunger.com/_disc1/000007fe.htm pacific poker [url=
> http://www.freewebs.com/poker-824/poker-4.html]jeu de poker en ligne[/url]
> http://www.freewebs.com/poker-824/poker-4.html [url=
> http://www.freewebs.com/poker-226/jeu-18.html]jouez ligne[/url] jeu flash
> http://www.freewebs.com/poker-226/jeu-18.html [url=
> http://www.freewebs.com/casino-526/online-casino-8.html]casino ligne[/url]
> http://www.freewebs.com/casino-526/online-casino-8.html casinos en ligne
> top poker promotions [url=http://www.freewebs.com/poker-99/poker-3.html]lemeilleur poker en ligne[/url]
> http://www.freewebs.com/poker-99/poker-3.html
> Country : casino en line
> Telephone :
> Fax : jouer casino
> Message : free virgin mobile ringtone [url=
> http://www.freewebs.com/ringtone-745/free-ringtone-11.html]free cingular
> ringtone[/url] http://www.freewebs.com/ringtone-745/free-ringtone-11.htmljouer casino [url=
> http://www.freewebs.com/casino-821/jeu-casino-14.html]jeu casino
> gratuit[/url] http://www.freewebs.com/casino-821/jeu-casino-14.html [url=
> http://www.hawkman.org/tarot/forum/_disc1/00001dd2.htm]vigrx[/url] vigrx
> http://www.hawkman.org/tarot/forum/_disc1/00001dd2.htm [url=
> http://www.freewebs.com/casino-172/casino-10.html]gambling[/url]
> http://www.freewebs.com/casino-172/casino-10.html gambling [url=
> http://www.freewebs.com/casino-274/jeu-casino-13.html]jeu casino
> gratuit[/url] http://www.freewebs.com/casino-274/jeu-casino-13.html casino
> jeu
> Item :
>
> [Non-text portions of this message have been removed]
>
>
>
> PHP Data object relational mapping generator
> http://www.metastorage.net/
> Yahoo! Groups Links
>
>
>
>


[Non-text portions of this message have been removed]


[Index of Archives]     [PHP Home]     [PHP Users]     [PHP Soap]     [Kernel Newbies]     [Yosemite]     [Yosemite Campsites]

  Powered by Linux