Spammed web forms

We have a form using the PHP form action. Recently the form is getting more spammed replies. I thought that maybe some low cost labour was completing the form by hand, and adding viagra messages and URLs into the message field.

But then I noticed, a normal form reply, had all the fields displayed in the email, whether they had completed them or not, but the spam replies only had the fields they completed, and nothing else.

The spam is slowly increasing, so, have they, do they, just have my form listed with other web site forms, and together with a PHP script just fires out to all these forms?

What’s the easiest way to stop this?


freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

easiForm will certainly help here, it has an option in the
configuration file to either remove the links from these e-mails or
just not let them through (whichever you prefer). Adding one of the
image or math captchas will help stop bots although I am sure the type
of spam you mention is done by a person.

The server that uses the easiForm scripts will need to be able to use
the ioncube decoders and run PHP 4 or above.

See here:
http://www.easibase.com/freeway/freeway_form.php

Mike

On Dec 5, 2007, at 10:42 AM, dwn wrote:

We have a form using the PHP form action. Recently the form is
getting more spammed replies. I thought that maybe some low cost
labour was completing the form by hand, and adding viagra messages
and URLs into the message field.

But then I noticed, a normal form reply, had all the fields
displayed in the email, whether they had completed them or not, but
the spam replies only had the fields they completed, and nothing else.

The spam is slowly increasing, so, have they, do they, just have my
form listed with other web site forms, and together with a PHP
script just fires out to all these forms?

What’s the easiest way to stop this?


freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

If its done by a person, how do they remove the field titles in the reply email?

A genuine email has all the field titles (completed or not) in the reply email.


freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

On Dec 5, 2007, at 11:28 AM, dwn wrote:

If its done by a person, how do they remove the field titles in the
reply email?

A genuine email has all the field titles (completed or not) in the
reply email.

Is the spam coming from the same e-mail address your form uses?

Anyway, they have their bag of tricks for doing many things that
people do not expect.
The ones I got had the field titles, anyway this was one of the
reasons I put easiForm together, it was originally for my own sites to
stop this and other spam problems, using it has stopped these emails.

Hope this helps.
Mike


freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

If you’re using Tim’s PHP form action, make sure you have the latest version. It has some bits in there to prevent misuse of the form, though it can’t do much for a form filled out with junk that just gets sent to the “proper” destination.


freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options