Solved

How can I eliminate bogus responses to my FormMail?

Posted on 2008-10-01
6
173 Views
Last Modified: 2010-04-21
I don't know the source, but over the last couple of weeks, I am getting a lot of bogus results on my FormMail. Example:

*****
Below is the result of your feedback form.  It was submitted by
Scot Mcclure () on Tuesday, September 30, 2008 at 08:26:55
---------------------------------------------------------------------------

Question(s): lcbpy7xhuls31p16
<a href= http://mocfcpf.com >eytygd xgsgjysg</a>
http://yziwwwjxhs.com 
<a href= http://sdturvqkup.com >ziqsj kjkuu</a>
http://bhszkogwf.com 
<a href= http://vtowpl.com >muubdr gvqxlow</a>
http://zbmtmd.com 
<a href= http://xkydvsz.com >iikenc zujyg</a>
http://mexdfky.com 


answer: by email ONLY

from: Craig Boyd

Submit: Submit Question

---------------------------------------------------------------------------
*****

Note that the "submitted by" and "from:" name fields do not match - this is characteristic of all results. I have not clicked on any of the "links" and have simply deleted these messages, but they are becoming a real nuisance. Please advise. Thank you.
0
Comment
Question by:webdrone
  • 2
  • 2
  • 2
6 Comments
 
LVL 44

Accepted Solution

by:
scrathcyboy earned 250 total points
ID: 22620682
This is simply people trying to SPAM you through your website.  I had the same thing on several websites.  These poor idiot morons think that by dumping a bunch of useless links into your form fields, that you are stupid enough to click on these links?   How stupid can they get??

Anyway, there is a max-length property for all INPUT fields -- set the max-length="15" or 20, or whatever you need for each input, but no more.

Second, you can do a javascript detect on all form fields, and if they are putting in links, you reject it there.  See my question here, the input will give you ways to stop these PESTS cold in their tracks.

http://www.experts-exchange.com/Programming/Languages/Scripting/JavaScript/Q_23642721.html
0
 
LVL 29

Assisted Solution

by:QPR
QPR earned 250 total points
ID: 22621756
These "people" are automated spambots. Reducing field lengths will result in you still receiving emails. Differencing being that the spam is shorter!
This is the reason that Captcha was invented to distinguish between human users and spambots.
http://en.wikipedia.org/wiki/Captcha

0
 

Author Closing Comment

by:webdrone
ID: 31502465
Limiting my "Question" field to 15-20 characters defeats the purpose of having a Q&A and unfortunately do not speak JAVA, but I do appreciate the responses will probably use Captcha. Thanks!
0
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

 

Author Comment

by:webdrone
ID: 22626294
Limiting the "Question" field on my form to 15-20 characters would defeat my purpose for having a Q&A, so that won't work as a complete solution for me. I don't grok JAVA, so a "detect" would take me way too long to implement, but I do appreciate the explanations. Although somewhat inelegant, I'll probably use "Captcha" to deal with my problem...

Is there a bounty on SPAMbots? Can I contribute?

Cheers!
0
 
LVL 44

Expert Comment

by:scrathcyboy
ID: 22628983
"a "detect" would take me way too long to implement,"

Not at all, there are some great detect routines for www web addresses in the link I gave you above, you can just cut and paste them, and change the field names and in 15 minutes, you have a rigorous detect for spamming site.  

And QPR, no they are not automated, I tested that, it is someone manually submitting a form 100 times.
0
 
LVL 29

Expert Comment

by:QPR
ID: 22629793
Possibly, but I'm talking to the original poster.
999-1000 these submissions are automated.

Whoever does 1000 spam submissions at your site has far too much time on their hands.
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory replication delay is the cause to many problems.  Here is a super easy script to force Active Directory replication to all sites with by using an elevated PowerShell command prompt, and a tool to verify your changes.
Find out what you should include to make the best professional email signature for your organization.
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now