Link to home
Start Free TrialLog in
Avatar of intangiblemedia
intangiblemediaFlag for Afghanistan

asked on

Web Form Spambot Prevention

Hi,

I have a big problem with Spambots autoinjecting code into my website forms - I dont know if they are using the "thank you" page where the server side scripting resides or the actual form - which does have javascript validation but doesnt have a captcha.

Attached are 2 files -
1) The code used for sending the email
2) The typical spambot email received.

Many thanks,

Ben lead-from-website.txt
<%@LANGUAGE="VBSCRIPT" CODEPAGE="65001"%>
<!--#include file="ScriptLibrary/incSmartMailer.asp" -->
<%
' Smart Mailer 1.0.7
' Send on load
Server.ScriptTimeout = 10
Set sm1 = new SmartMailer
sm1.checkVersion "1.07"
sm1.contentCharset = "us-ascii"
Session.CodePage = sm1.getCodepage()
sm1.smtpSetup "localhost", "25", "", ""
sm1.pickup = ""
sm1.component = "cdo"
sm1.tmpFolder = ""
sm1.embedImages = false
sm1.progressBar = ""
sm1.ignore_errors = true
sm1.useQueue = true
sm1.setFrom "Some Website", "someemailadd"
sm1.setTo "Someone", "anotheremailadd"
sm1.setCc "", ""
sm1.setBcc "", ""
sm1.Subject = "Try our School for Free"
' using static for body
sm1.setBody_Static_html "<font color=""#000000"" size=""2"" face=""Arial, Helvetica, sans-serif"">Lead from the website..." & vbCRLF & "" & vbCRLF & "Name: " & (Request("cusname")) & "" & vbCRLF & "Child Name: " & (Request("cuschiname")) & "" & vbCRLF & "Child Age: " & (Request("cuschiage")) & "" & vbCRLF & "Mobile: " & (Request("custel")) & "" & vbCRLF & "Email: " & (Request("cusemail")) & "" & vbCRLF & "Comments: " & (Request("cuscomments")) & "" & vbCRLF & "" & vbCRLF & "=======================================" & vbCRLF & "" & vbCRLF & "Please remember that this is an automatic email and you cannot reply to it." & vbCRLF & "</font>"
' Attachments none
sm1.sendMail "one"
%>

Open in new window

ASKER CERTIFIED SOLUTION
Avatar of Big Monty
Big Monty
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of intangiblemedia

ASKER

Thats a good option :)
Other than using capcha I think that'd be the easiest
Actually didnt work - I think Spambots may detect Input Type Hidden and not populate it... But I will try doing it with INPUT TYPE TEXT but set CSS display to none.

Kind regards,

Ben