?
Solved

How to use Spam Assassin to filter PHP Form

Posted on 2011-10-25
7
Medium Priority
?
520 Views
Last Modified: 2012-06-27
Hi,

I am trying to figure out how to use SpamAssassin to filter our spam from an HTML form. I have a "quick contact" page on my homepage and I am constantly getting spammers filling in junk. The current filters don't catch it because the "sender" (me) is a trusted source. I know i need to use something like

exec('/bin/echo $msg | /usr/bin/spamc -R', $output, $retval);

But i can't quite figure out how to make it work properly. Any advice would be appreciated.Thanks
exec('/bin/echo $msg | /usr/bin/spamc -R', $output, $retval);

Open in new window

0
Comment
Question by:jsimonuchc
7 Comments
 
LVL 19

Accepted Solution

by:
xterm earned 2000 total points
ID: 37028080
This works for me
$output=`echo $msg | /usr/bin/spamc -d localhost`;

Open in new window

0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 37030733
My advice would be to forget Spam Assassin and instead add a CAPTCHA test to the form.  Here are two code snippets.  You can see how easy it is to use CAPTCHA and you can test it on my server here:
http://www.laprbass.com/RAY_captcha_in_action.php 
<?php // RAY_captcha_image.php
error_reporting(E_ALL ^ E_NOTICE);


// GENERATES A PICTURE OF A NUMBER INTO THE BROWSER OUTPUT


// DECODE THE INCOMING STRING
$data = base64_decode($_GET['dt']);

// CREATE AN IMAGE RESOURCE - CHOOSE THE SIZE THAT BEST MATCHES YOUR PAGE STYLE
$im = imagecreate(46,13);

// WHITE BACKGROUND
$bg = imagecolorallocate($im, 255,255,255);

// GRAY STRIPES
$gray = imagecolorallocate($im, 188,188,188);

// FIREBRICK TEXT
$text = imagecolorallocate($im, 178,34,34);

// ADD THE NUMBER TO THE IMAGE
imagestring($im,5,4,0,$data,$text);

// WRITE A GRAY STRIPE (OR MORE IF YOU CHOOSE)
imageline($im,4,12,38,0,$gray);

// SEND THE IMAGE INTO THE BROWSER OUTPUT STREAM
header('Content-type: image/png');
imagepng($im);
imagedestroy($im);

Open in new window

<?php // RAY_captcha_in_action.php
error_reporting(E_ALL);

// IF ANYTHING WAS POSTED
if (!empty($_POST))
{
    // TEST THE STRINGS
    if ($_POST["_newMd5"] != md5($_POST["_newCode"]))
    {
        // MIGHT WANT TO MAKE THIS USER-FRIENDLY
        echo 'SECURITY CODE NUMBER DID NOT MATCH';
    }
    else
    {
        echo "SUCCESS!";
    }
}
// END OF PHP - PUT UP THE FORM
?>
<form method="post">
<!-- STYLE THIS TO SUIT YOUR PAGE STYLE -->
Type <img style="display:inline;" src="RAY_captcha_image.php?dt=<?php $x = mt_rand(1000,10000); echo base64_encode($x); ?>" /> here:
<input name="_newCode" type="text"   maxlength="64" size="6" autocomplete="off" />
<input name="_newMd5"  type="hidden" value="<?php echo md5($x); ?>" />
<input type="submit" />
</form>

Open in new window

0
 
LVL 9

Expert Comment

by:crazedsanity
ID: 37030761
One thing you may want to consider is using a CAPTCHA.  It might take a few extra seconds to fill out, but it will keep most of the spammers away (most of the ones I've been plagued by were automated anyway)... check out [http://recaptcha.net] on how to implement (it's pretty simple).
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Author Comment

by:jsimonuchc
ID: 37031288
I don't want to use a CAPTCHA... this is just supposed to be a quick contact form for my clients and CAPTCHA's always irritate me and I don't want my clients to be turned off from submitting the form. I will try xterms solution and keep you advised
0
 
LVL 9

Expert Comment

by:crazedsanity
ID: 37031525
Sounds good, just figured I'd offer an alternative.  It is an interesting idea, using Spam Assassin to check inputs.
0
 
LVL 1

Author Comment

by:jsimonuchc
ID: 37032193
This is what I ended up doing. Thanks for all of your help. This works pretty well, except you need to increase SpamAssassin's strictness, because I am feeding it valid headers every time.  Your suggestions enabled me to find this on the web:

http://www.devnetwork.net/viewtopic.php?f=14&t=93582
$headers = file_get_contents('default-headers.eml');
$content = file_get_contents('content.eml');
 
$fname = tempnam("/", "sa");
 
$message =  $content;
 
file_put_contents($fname, $message);
 
exec("/usr/bin/spamc -R < $fname", $res);
print_r($res);
print_r($message);
$myArray =  explode("/",$res[0]);
echo $myArray[0];
echo "\n";
unlink($fname);

Open in new window

0
 
LVL 1

Author Closing Comment

by:jsimonuchc
ID: 37032197
Thanks
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . In business circles, we sometimes hear that today is the “age of the customer.” And so it is. Thanks to the enormous advances over the past few years in consumer techno…
This holiday season, we’re giving away the gift of knowledge—tech knowledge, that is. Keep reading to see what hacks, tips, and trends we have wrapped and waiting for you under the tree.
This tutorial demonstrates how to identify and create boundary or building outlines in Google Maps. In this example, I outline the boundaries of an enclosed skatepark within a community park.  Login to your Google Account, then  Google for "Google M…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
Suggested Courses
Course of the Month16 days, 13 hours left to enroll

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question