Website form being spammed...

Associate
Joined
26 Dec 2003
Posts
2,260
Location
UK
How can I stop the email form on my site being spammed? I get 6 emails a day and it's really annoying :mad: I don't want to have to get rid of the email form though.

Any suggestsions would be appreciated :)
 
Soldato
Joined
28 Jan 2005
Posts
3,732
Location
Worcester
Depends what the form is using to send the mail. I'm guessing it's PHP or something similar and not just and email action.

If it's PHP, what email address are you recieving email from? your own or another? Robots are pretty good at using your own email to spam you.
 
Associate
OP
Joined
26 Dec 2003
Posts
2,260
Location
UK
Yes, it's a PHP form with the email address embedded in there. And i'm receiving email from my own email address :(

I was thinking maybe one of those "Confirm the text displayed in the image above" things. Not sure what they're called :p But it stops any bots using the system. Are these easy to implement?
 
Last edited:
Associate
OP
Joined
26 Dec 2003
Posts
2,260
Location
UK
<?php
$my_email = "Query'at'smg-computers.com";

if ($_SERVER['REQUEST_METHOD'] != "POST"){exit;}

$message = "";

while(list($key,$value) = each($_POST)){if(!(empty($value))){$set=1;}$message = $message . "$key: $value\n\n";} if($set!==1){header("location: $_SERVER[HTTP_REFERER]");exit;}

$message = $message;
$message = stripslashes($message);

$subject = "SMG Query - " . stripslashes($_POST['Subject']);
$headers = "From: " . $_POST['Email'] . "\n" . "Return-Path: " . $_POST['Email'] . "\n" . "Reply-To: " . $_POST['Email'] . "\n";

mail($my_email,$subject,$message,$headers);

?>

I've changed the email address in the code and removed the @
 
Soldato
Joined
28 Jan 2005
Posts
3,732
Location
Worcester
Then you can check against your own email address with an if statement.
Code:
if (strpos($my_email, "Query'at'smg-computers.com")){ 
   echo "<p>A nice error message.</p>"; 
} else {
   //The Email action
}
You might want to wait for someone who's considerably better than me at PHP to have a look though. :)
 
Soldato
Joined
23 Oct 2003
Posts
8,899
Location
Hampshire, UK
Mr_L said:
A bit annoying for just sending an email though.


Yup its too much trouble for an email IMO, but worth noting for the future.

Id rather some rules and be able to blacklist certain addresses.

I get some spam too on my PHP form so any info would be appreciated.
 
Soldato
Joined
3 Aug 2005
Posts
4,534
Location
UK
If it's bots that are causing you grief, just add a 'This message is not spam' checkbox, or a 'What colour is an orange?' textbox if you feel like going a bit over the top. If the form doesn't meet the requirements, take them back to the form and give them a snazzy error message :)
 
Associate
Joined
23 Oct 2002
Posts
1,089
Location
London - Baka Gaijin
Lt. Manlove said:
The perfect solution to this problem, only human users may use the form.

Or more correctly SOME human users may use the form.

Massive accesibility issue though as they are vision dependent (screen readers can't read the images unless you give them alt tags, in which case the bot could be coded to to pull them too and people with poor eye sight, dyslexia and in some cases colour blindness can have issues as well.

OK, not a big issue for personally/hobby web sights but becomes a factor the higher up the lader you go.
 
Soldato
Joined
23 Oct 2003
Posts
8,899
Location
Hampshire, UK
Al Vallario said:
If it's bots that are causing you grief, just add a 'This message is not spam' checkbox, or a 'What colour is an orange?' textbox if you feel like going a bit over the top. If the form doesn't meet the requirements, take them back to the form and give them a snazzy error message :)

Brilliant idea, love it :)
I need to include that.
 
Associate
OP
Joined
26 Dec 2003
Posts
2,260
Location
UK
emailform.jpg


if (isset($_POST['Confirm']))
{
mail($my_email,$subject,$message,$headers);
}
else
{
echo "Please check the tick box confirming your details."?><a href="javascript:history.go(-1)" onMouseOver="self.status=document.referrer;return true"> <br>Back </a><?php ;
exit;
}

Great idea mate. Will let you know if it works :)
 
Last edited:
Associate
OP
Joined
26 Dec 2003
Posts
2,260
Location
UK
oh no :( I was premature with my celebration...

Just received 4 spam emails all of which used the email form :( Hooooooow?!
 
Soldato
Joined
28 Jan 2005
Posts
3,732
Location
Worcester
Did you try my suggestion in post 6? I know for a fact that works because you can't send email from my script via my own email address.
 
Back
Top Bottom