Website form being spammed...

Simmy

Simmy

Simmy

Associate
Joined
26 Dec 2003
Posts
2,260
Location
UK
How can I stop the email form on my site being spammed? I get 6 emails a day and it's really annoying :mad: I don't want to have to get rid of the email form though.

Any suggestsions would be appreciated :)
 
Depends what the form is using to send the mail. I'm guessing it's PHP or something similar and not just and email action.

If it's PHP, what email address are you recieving email from? your own or another? Robots are pretty good at using your own email to spam you.
 
Yes, it's a PHP form with the email address embedded in there. And i'm receiving email from my own email address :(

I was thinking maybe one of those "Confirm the text displayed in the image above" things. Not sure what they're called :p But it stops any bots using the system. Are these easy to implement?
 
Last edited:
<?php
$my_email = "Query'at'smg-computers.com";

if ($_SERVER['REQUEST_METHOD'] != "POST"){exit;}

$message = "";

while(list($key,$value) = each($_POST)){if(!(empty($value))){$set=1;}$message = $message . "$key: $value\n\n";} if($set!==1){header("location: $_SERVER[HTTP_REFERER]");exit;}

$message = $message;
$message = stripslashes($message);

$subject = "SMG Query - " . stripslashes($_POST['Subject']);
$headers = "From: " . $_POST['Email'] . "\n" . "Return-Path: " . $_POST['Email'] . "\n" . "Reply-To: " . $_POST['Email'] . "\n";

mail($my_email,$subject,$message,$headers);

?>
Click to expand...

I've changed the email address in the code and removed the @
 
Then you can check against your own email address with an if statement.
Code: 
if (strpos($my_email, "Query'at'smg-computers.com")){ 
   echo "<p>A nice error message.</p>"; 
} else {
   //The Email action
}
You might want to wait for someone who's considerably better than me at PHP to have a look though. :)
 
Mr_L said:
A bit annoying for just sending an email though.
Click to expand...


Yup its too much trouble for an email IMO, but worth noting for the future.

Id rather some rules and be able to blacklist certain addresses.

I get some spam too on my PHP form so any info would be appreciated.
 
If it's bots that are causing you grief, just add a 'This message is not spam' checkbox, or a 'What colour is an orange?' textbox if you feel like going a bit over the top. If the form doesn't meet the requirements, take them back to the form and give them a snazzy error message :)
 
Lt. Manlove said:
The perfect solution to this problem, only human users may use the form.
Click to expand...

Or more correctly SOME human users may use the form.

Massive accesibility issue though as they are vision dependent (screen readers can't read the images unless you give them alt tags, in which case the bot could be coded to to pull them too and people with poor eye sight, dyslexia and in some cases colour blindness can have issues as well.

OK, not a big issue for personally/hobby web sights but becomes a factor the higher up the lader you go.
 
Al Vallario said:
If it's bots that are causing you grief, just add a 'This message is not spam' checkbox, or a 'What colour is an orange?' textbox if you feel like going a bit over the top. If the form doesn't meet the requirements, take them back to the form and give them a snazzy error message :)
Click to expand...

Brilliant idea, love it :)
I need to include that.
 
emailform.jpg


if (isset($_POST['Confirm']))
{
mail($my_email,$subject,$message,$headers);
}
else
{
echo "Please check the tick box confirming your details."?><a href="javascript:history.go(-1)" onMouseOver="self.status=document.referrer;return true"> <br>Back </a><?php ;
exit;
}
Click to expand...

Great idea mate. Will let you know if it works :)
 
Last edited:
oh no :( I was premature with my celebration...

Just received 4 spam emails all of which used the email form :( Hooooooow?!
 
You must log in or register to reply here.
Back
Top Bottom