How to use Spam Assassin to filter PHP Form

Hi,

I am trying to figure out how to use SpamAssassin to filter our spam from an HTML form. I have a "quick contact" page on my homepage and I am constantly getting spammers filling in junk. The current filters don't catch it because the "sender" (me) is a trusted source. I know i need to use something like

exec('/bin/echo $msg | /usr/bin/spamc -R', $output, $retval);

But i can't quite figure out how to make it work properly. Any advice would be appreciated.Thanks
exec('/bin/echo $msg | /usr/bin/spamc -R', $output, $retval);

Open in new window

LVL 1
jsimonuchcAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

xtermCommented:
This works for me
$output=`echo $msg | /usr/bin/spamc -d localhost`;

Open in new window

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Ray PaseurCommented:
My advice would be to forget Spam Assassin and instead add a CAPTCHA test to the form.  Here are two code snippets.  You can see how easy it is to use CAPTCHA and you can test it on my server here:
http://www.laprbass.com/RAY_captcha_in_action.php 
<?php // RAY_captcha_image.php
error_reporting(E_ALL ^ E_NOTICE);


// GENERATES A PICTURE OF A NUMBER INTO THE BROWSER OUTPUT


// DECODE THE INCOMING STRING
$data = base64_decode($_GET['dt']);

// CREATE AN IMAGE RESOURCE - CHOOSE THE SIZE THAT BEST MATCHES YOUR PAGE STYLE
$im = imagecreate(46,13);

// WHITE BACKGROUND
$bg = imagecolorallocate($im, 255,255,255);

// GRAY STRIPES
$gray = imagecolorallocate($im, 188,188,188);

// FIREBRICK TEXT
$text = imagecolorallocate($im, 178,34,34);

// ADD THE NUMBER TO THE IMAGE
imagestring($im,5,4,0,$data,$text);

// WRITE A GRAY STRIPE (OR MORE IF YOU CHOOSE)
imageline($im,4,12,38,0,$gray);

// SEND THE IMAGE INTO THE BROWSER OUTPUT STREAM
header('Content-type: image/png');
imagepng($im);
imagedestroy($im);

Open in new window

<?php // RAY_captcha_in_action.php
error_reporting(E_ALL);

// IF ANYTHING WAS POSTED
if (!empty($_POST))
{
    // TEST THE STRINGS
    if ($_POST["_newMd5"] != md5($_POST["_newCode"]))
    {
        // MIGHT WANT TO MAKE THIS USER-FRIENDLY
        echo 'SECURITY CODE NUMBER DID NOT MATCH';
    }
    else
    {
        echo "SUCCESS!";
    }
}
// END OF PHP - PUT UP THE FORM
?>
<form method="post">
<!-- STYLE THIS TO SUIT YOUR PAGE STYLE -->
Type <img style="display:inline;" src="RAY_captcha_image.php?dt=<?php $x = mt_rand(1000,10000); echo base64_encode($x); ?>" /> here:
<input name="_newCode" type="text"   maxlength="64" size="6" autocomplete="off" />
<input name="_newMd5"  type="hidden" value="<?php echo md5($x); ?>" />
<input type="submit" />
</form>

Open in new window

crazedsanityCommented:
One thing you may want to consider is using a CAPTCHA.  It might take a few extra seconds to fill out, but it will keep most of the spammers away (most of the ones I've been plagued by were automated anyway)... check out [http://recaptcha.net] on how to implement (it's pretty simple).
Introduction to R

R is considered the predominant language for data scientist and statisticians. Learn how to use R for your own data science projects.

jsimonuchcAuthor Commented:
I don't want to use a CAPTCHA... this is just supposed to be a quick contact form for my clients and CAPTCHA's always irritate me and I don't want my clients to be turned off from submitting the form. I will try xterms solution and keep you advised
crazedsanityCommented:
Sounds good, just figured I'd offer an alternative.  It is an interesting idea, using Spam Assassin to check inputs.
jsimonuchcAuthor Commented:
This is what I ended up doing. Thanks for all of your help. This works pretty well, except you need to increase SpamAssassin's strictness, because I am feeding it valid headers every time.  Your suggestions enabled me to find this on the web:

http://www.devnetwork.net/viewtopic.php?f=14&t=93582
$headers = file_get_contents('default-headers.eml');
$content = file_get_contents('content.eml');
 
$fname = tempnam("/", "sa");
 
$message =  $content;
 
file_put_contents($fname, $message);
 
exec("/usr/bin/spamc -R < $fname", $res);
print_r($res);
print_r($message);
$myArray =  explode("/",$res[0]);
echo $myArray[0];
echo "\n";
unlink($fname);

Open in new window

jsimonuchcAuthor Commented:
Thanks
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.