We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
Contact Forum Editor

Send an email to our Forum Editor:


PLEASE NOTE: Your name is used only to let the Forum Editor know who sent the message. Both your name and email address will not be used for any other purpose.

Tech Helproom


It's free to register, to post a question or to start / join a discussion


 

Contact Form Spam


Peter Lanky

Likes # 0

I have a contact form on my website inviting people to enquire about my services. During the last 4 weeks all my spam has been of a similar style. The email address where the spam comes from is almost always in the form [email protected] with the names always being normal rather than silly, though the name of the sender is often silly. The other fields just contain random characters. The message always says "Good site, Admin" or "Good Post, Admin". No trying to link me to porn or sell me drugs or anything with any purpose at all.

Has anyone else experienced this, and if so, what are the aims of the spammer?

Like this post
Fruit Bat /\0/\

Likes # 0

what are the aims of the spammer?

If you open/reply they know it has reached a valid address, the real spam will then follow later.

Delete all e-mails from unknown addresses without opening.

Like this post
Peter Lanky

Likes # 0

I delete them as a matter of course. However the spammer would easily know that the email address was valid as nobody would have a contact form that delivers an email to an address that doesn't exist (unless they have a commercial death wish) so I still cannot see the gain. And why "Good site, Admin" or "Good Post, Admin" as a message?

Like this post
Taff™

Likes # 0

I have a similar problem with a couple of sites I host. The PHP script I use is supposed to get round this but someone has cracked the code and the spam actually comes via the contact form. Most annoying! What type of Form Mail are you using? Can you give us a link to your Contact Form.

Like this post
Peter Lanky

Likes # 0

Link to contact form: click here
I have all sorts of the normal spam in the past, and though annoying, spam hasn't yet got to the stage where I cannot find real emails. This current 'campaign' of spam started very suddenly, and at the moment 90% of my spam has "Good site, Admin" or "Good Post, Admin" as the message.

Like this post
Taff™

Likes # 0

I`ve had a quick look and it seems to use a PHP script called feedback.php - I assume this was a free script or was this feature provided by a website designer? In any event it may be customisable to include a Captcha element where the users have to enter a random set of numbers or letters before submitting the form.

I too get a few with similar subject titles and the most persistant are from Rumania. This thread might get more qualified advice in the Web Design Forum. I`ll suggest that FE moves it there for you and watching with interest.

Like this post
Forum Editor

Likes # 0

to WebDesign.

Like this post
Peter Lanky

Likes # 0

I have tried to incorporate a Captcha element before, but the end result always looked a mess. It wss a bit beyond my technical ability, so I removed it.

Like this post
HighTower

Likes # 0

You could try including an antispam question in the form. I use one such as "what is 6 + 3", and if the answer submitted in the form is anything other than 9 then the form cannot be submitted.

If you use Dreamweaver (a fairly recent version) then you can quite easily put a Spry behaviour in that does this for you using the built in DW scripting.

I also make sure that all forms are validated, that phone number fields are only allowed to contain numbers and email addresses must be in the correct format (though a lot of spammers can recognise email fields now).

It's an on-going battle I'm afraid!!

Like this post
Taff™

Likes # 0

Thanks FE. Brilliant idea HighTower but how do we adapt the PHP script to do that? I now it`s got something to do with mandatory fields, can you give us an example please.

Like this post
Kemistri

Likes # 0

A simple anti-spam question is not a bad idea - infinitely better than any CAPTCHA system - but it's no longer a 100% solution and it shouldn't be necessary really. I never use one on any of my clients' sites. Remember that simply validating fields for "correct" content is not quite the right direction to take on its own - you need to validate against unwanted content as well.

If you need an off-the-shelf solution that works well, you could take a look at scripts such as the DD Form Mailer, the Green Beast v3 script, or the Jemjabella v2 script. I use a script that incorporates some similar methods. Those three range from pretty secure to very secure, using different solutions which you could add to your scripts or maybe replace them entirely. In particular, check how the Jemjabella script uses a simple but very robust array to filter out so-called bad words and bots. Updated lists of bots can be found on the net. Form Mailer FE might be worth a look as well, but it's far from the most efficient code, so it runs slowly as a result and it's harder to work with.

Hope that helps.

Like this post

Reply to this topic

This thread has been locked.



IDG UK Sites

Nexus 6 vs Sony Xperia Z3 comparison: Lollipop phablet takes on KitKat flagship smartphone

IDG UK Sites

Why people aren't upgrading to iOS 8: new features are for power users, not the average Joe

IDG UK Sites

Free rocket & space sounds: NASA launches archive of interstellar audio on SoundCloud

IDG UK Sites

iPad Air 2 review: Insanely fast and alarmingly thin. Speed tests, camera tests, beautiful...