Announcement

**Duncan Rounding** · 06-Nov-2007, 01:07 PM

I would change your contact email addresses on the site and obfuscate them in some way. There are different ways mentioned in past posts on how to do this, a search should bring them up.

**Mike Hughes** · 06-Nov-2007, 01:09 PM

Yes, it's spam.

It probably comes from a form submission robot that does it automatically. I think the best way to beat it would be to put up a captcha.

If I'm not mistaken we had a discussion about captchas on the forum a while back.

Mike

**Barry** · 06-Nov-2007, 01:17 PM

I read a piece recently about a Firefox toobar that allows you to convert Posts to Gets on ive sites, spammers were using this to add links to high level sites (.edu and .govs) then create a link to the page you have just created on the .gov site so that google thinks the .gov site is linking to you

i wonder if this is whats going on here, simply submitting a load of links to a business seems like a total waste of time if there wasnt something else herre

ive been looking around for odd links to show up to us which would point to this but have found nothing

i dont know if changing the destiniation email will do anything if this is what they are up to, a captcha would work yes but that seems like a lot of work

One day im going to meet someone at a party or social gathering and they are going to tell me they are a spammer, ill enjoy the rest of the night after that i can tell you!!! b*st*rds!!!!

**Mike Hughes** · 06-Nov-2007, 02:00 PM

I ended up putting a captcha form on one of my sites last year after this kind of problem. It only took about an hour to implement, protect a few files on the server and test and it stopped the spamming dead in it's tracks. Before this I'd blocked a few IP addresses but it would come back over time.

I suspect this is being done by robots that automatically spam submission forms of all kinds. Probably on the basis that some might show the content (on forums, guestbooks, leave a comment, etc) and it's easier to bombard everything automatically rather then be selective.

Mike

PS. I think the captcha I used is called Freecap http://www.puremango.co.uk/cm_php_ca...script_113.php

**Darren B** · 06-Nov-2007, 03:52 PM

I have been getting these for months, oneday i might get around to putting something on there, hey one for the wish list

D

**pinbrook** · 06-Nov-2007, 04:44 PM

I've got captcha on all my sites, i install it as default now....

and SPF records too

rather than kill it i don't let it happen

**martinkay** · 09-Nov-2007, 10:35 AM

I'm getting loads of these and actually I don't really need the "Contact Us" form on the site, I'm happy to just put a munged email address up there. For the moment I've taken one of the zeros out of the name of the .pl script and removed the form in the site design, which has stopped the flow of these, is there a better way to do this though?

**pinbrook** · 09-Nov-2007, 11:04 AM

It would be better to remove the form so your customers do not try to use a broken form.

Then just put your email on the page in the form of an image

**martinkay** · 09-Nov-2007, 11:49 AM

I've already removed the form and munged my email. But the spammers know the address of the form pl script and are spamming it, that's why I renamed it on the web server. I am presuming the next time I do an upload though, Actinic will "fix" it and reinstate the correct name, or is that not the case?

**Barry** · 09-Nov-2007, 12:25 PM

seems like a lot of hassle

it seems we can either;
1 install a captcha - more work for us and hassle for the customer
2 remove the form and add munged email links - more work for us, spammers will probably get the email addresses after a while
3 just delete the spam as it comes in - Least amount of work for us as Outlook spam filters are getting most of them

so with the huge huge list of other problems that we have after upgrading the site to V8 we are opting for option 3, that is on the understanding that these spams are nothing more sinister to worry about for now

**los_design** · 09-Nov-2007, 12:32 PM

Originally posted by Barry

seems like a lot of hassle

it seems we can either;
1 install a captcha - more work for us and hassle for the customer
2 remove the form and add munged email links - more work for us, spammers will probably get the email addresses after a while
3 just delete the spam as it comes in - Least amount of work for us as Outlook spam filters are getting most of them

so with the huge huge list of other problems that we have after upgrading the site to V8 we are opting for option 3, that is on the understanding that these spams are nothing more sinister to worry about for now

I see where you are coming from Barry but not sure your host would agree should the spammers escalate to a level that is detrimental to the server performance...it can happen (assuming you are on shared not dedicated)

**pinbrook** · 09-Nov-2007, 04:52 PM

I see where you are coming from Barry but not sure your host would agree should the spammers escalate to a level that is detrimental to the server performance...

As a host I have to agree with Los, one of our shared mailservers has been blocked by BT/Yahoo for most of this week.

Most hosts will have an admin acct with most ISPs where they can monitor mail that is being reported as spam and take the necessary steps to stop it. It would be nice if website owners took some responsibility themselves as hosts can easiliy get flooded trying to prevent spam/blocks

BT/Yahoo do not offer this service to hosts - thus you could inadvertantly trigger a ban to which the only solution is to sit it out - at great inconvenience to all other mailserver users.

**martinkay** · 07-Dec-2008, 10:43 AM

I find myself revisiting this thread, having changed the final sequential number of my Actinic scripts, this foxed the spammers for a while, but I am now starting to get these spam forms again, there's an example below. I don't really want to go the captcha route, but something I have seen done on other sites' contact forms is to have a field called "Answer this sum: 2 plus 2" and reject the form submission if a 4 is not entered in the box. Could this be an effective alternative, and if so, how would I implement it in the Actinic environment?
Cheers
Martin

<Edited by Ben>

**pinbrook** · 07-Dec-2008, 05:24 PM

Why are you so anti utilising capchta? there are some captchas that are presented so they are easy to read. adding a script to ask a question similar to whats`2 plus 2 is pretty well the same as captcha anyway

Announcement

new spam tactic?

new spam tactic?

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment