Solved

How can I eliminate bogus responses to my FormMail?

Posted on 2008-10-01
6
172 Views
Last Modified: 2010-04-21
I don't know the source, but over the last couple of weeks, I am getting a lot of bogus results on my FormMail. Example:

*****
Below is the result of your feedback form.  It was submitted by
Scot Mcclure () on Tuesday, September 30, 2008 at 08:26:55
---------------------------------------------------------------------------

Question(s): lcbpy7xhuls31p16
<a href= http://mocfcpf.com >eytygd xgsgjysg</a>
http://yziwwwjxhs.com
<a href= http://sdturvqkup.com >ziqsj kjkuu</a>
http://bhszkogwf.com
<a href= http://vtowpl.com >muubdr gvqxlow</a>
http://zbmtmd.com
<a href= http://xkydvsz.com >iikenc zujyg</a>
http://mexdfky.com


answer: by email ONLY

from: Craig Boyd

Submit: Submit Question

---------------------------------------------------------------------------
*****

Note that the "submitted by" and "from:" name fields do not match - this is characteristic of all results. I have not clicked on any of the "links" and have simply deleted these messages, but they are becoming a real nuisance. Please advise. Thank you.
0
Comment
Question by:webdrone
  • 2
  • 2
  • 2
6 Comments
 
LVL 44

Accepted Solution

by:
scrathcyboy earned 250 total points
ID: 22620682
This is simply people trying to SPAM you through your website.  I had the same thing on several websites.  These poor idiot morons think that by dumping a bunch of useless links into your form fields, that you are stupid enough to click on these links?   How stupid can they get??

Anyway, there is a max-length property for all INPUT fields -- set the max-length="15" or 20, or whatever you need for each input, but no more.

Second, you can do a javascript detect on all form fields, and if they are putting in links, you reject it there.  See my question here, the input will give you ways to stop these PESTS cold in their tracks.

http://www.experts-exchange.com/Programming/Languages/Scripting/JavaScript/Q_23642721.html
0
 
LVL 29

Assisted Solution

by:QPR
QPR earned 250 total points
ID: 22621756
These "people" are automated spambots. Reducing field lengths will result in you still receiving emails. Differencing being that the spam is shorter!
This is the reason that Captcha was invented to distinguish between human users and spambots.
http://en.wikipedia.org/wiki/Captcha

0
 

Author Closing Comment

by:webdrone
ID: 31502465
Limiting my "Question" field to 15-20 characters defeats the purpose of having a Q&A and unfortunately do not speak JAVA, but I do appreciate the responses will probably use Captcha. Thanks!
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 

Author Comment

by:webdrone
ID: 22626294
Limiting the "Question" field on my form to 15-20 characters would defeat my purpose for having a Q&A, so that won't work as a complete solution for me. I don't grok JAVA, so a "detect" would take me way too long to implement, but I do appreciate the explanations. Although somewhat inelegant, I'll probably use "Captcha" to deal with my problem...

Is there a bounty on SPAMbots? Can I contribute?

Cheers!
0
 
LVL 44

Expert Comment

by:scrathcyboy
ID: 22628983
"a "detect" would take me way too long to implement,"

Not at all, there are some great detect routines for www web addresses in the link I gave you above, you can just cut and paste them, and change the field names and in 15 minutes, you have a rigorous detect for spamming site.  

And QPR, no they are not automated, I tested that, it is someone manually submitting a form 100 times.
0
 
LVL 29

Expert Comment

by:QPR
ID: 22629793
Possibly, but I'm talking to the original poster.
999-1000 these submissions are automated.

Whoever does 1000 spam submissions at your site has far too much time on their hands.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Use these top 10 tips to master the art of email signature design. Create an email signature design that will easily wow recipients, promote your brand and highlight your professionalism.
This article explains how to prepare an HTML email signature template file containing dynamic placeholders for users' Azure AD data. Furthermore, it explains how to use this file to remotely set up a department-wide email signature policy in Office …
The viewer will learn how to count occurrences of each item in an array.
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now