cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

web email form being spammed

wheelyjon
Newbie
Posts: 4
Registered: ‎03-12-2007

web email form being spammed

‎04-12-2007 11:40 AM

Please can you help me. I have an emailing form on a website http://www.torwell.plus.com/torwood/index.htm and the form is being spammed. If I change the email address to which the form goes, the spam immediately goes to the new address. All the spams have very similar senders, eg. oarf@yahoo.com, leivy@aol.com, tarck@gmail.com etc and the subject is always Email from Torwood Web3, or whatever address I choose to use.
I had hoped that using a form with a 'throw away' address would avoid the spam problem. Is there anything that I can do as I am receiving hundreds of spams through the form.
Regards John
Angry
Message 1 of 9
(11,848 Views)
0 Thanks
8 REPLIES 8
Alex
Community Veteran
Posts: 5,500
Thanks: 921
Fixes: 13
Registered: ‎05-04-2007

Re: web email form being spammed

‎04-12-2007 11:58 AM

John,
I've only dabbled with web sites (well installed php-based software on web spaces really), but I think some kind of Captcha will help. You must have seen them where you have to enter a code from an image which is made hard for a machine to read.
I'm sure someone more knowledgeable on the subject will explain how Smiley
I guess there may be other ways of redesigning the form, but as I say I don't know enough about site design to be of much help there.
Message 2 of 9
(978 Views)
0 Thanks
Adam1V
Grafter
Posts: 223
Registered: ‎31-07-2007

Re: web email form being spammed

‎04-12-2007 11:58 AM

Touch wood, ive yet to be spammed by any of the contact forms I have myself, but im sure its due sometime.
Two things you can do quickly, is replace your contact form for one which uses captcha Here is an example free script, or secondly are you using the force9 Spam filter?
As a business ive enabled this and its been pretty good to us, doesnt catch anything genuine (yet) and catches around 1k emails per week.
shout if you need any help with updating your form.
Message 3 of 9
(978 Views)
0 Thanks
decomplexity
Rising Star
Posts: 493
Thanks: 26
Registered: ‎30-07-2007

Re: web email form being spammed

‎04-12-2007 12:37 PM

Assuming form-filling is being done by an automated 'bot' rather than by a person, a combination of an HTML form with Javasacript obfuscation of the URL which will process the form works well:
Example:
<script type="text/javascript">
function ch1(x){var yy=2;var z=0;var xx="";for(var y=0;y<x.length;y++){z=x.charCodeAt(y);xx+=String.fromCharCode(z-yy);}return xx;}
function obfuscate(x){document.emailform.action = ch1(x);}
</script>
and in the form itself:
<form action="anything" onsubmit="obfuscate('long_meaningless_string')" name="emailform" method="post">
where the Javascript function (suitably amended) and value of "long_meaninglesss_string" come from www.myvasco.com/msb (it does a character-shifting 'Caesar cypher' on the string)
It is easier than it looks to implement - you can use the Javascript without any changes, and it relies on bots not being Javascript aware.
Zen from May 17. PN Business account from 2004 - 2017
Message 4 of 9
(978 Views)
0 Thanks
samuria
Grafter
Posts: 1,581
Thanks: 3
Registered: ‎13-04-2007

Re: web email form being spammed

‎04-12-2007 11:48 PM

I have had this done to me the problem is all that is required is for someone to copy the script from the page and run it. The only test thats done is that it comes from a plus net account as far as I know.
I had some sad soul doing it to me for months. You can encrypt your page so they can do  it
Message 5 of 9
(978 Views)
0 Thanks
dougrice
Rising Star
Posts: 218
Thanks: 1
Fixes: 2
Registered: ‎06-08-2007

Re: web email form being spammed

‎06-12-2007 8:45 AM

I had a similar problem and tried a simple bit of JavaScript to set the action for the form.
You have <FORM METHOD="POST" ACTION="http://homepages.plus.net/cgi-bin/form">

I have:
<form name="F1" action="http://cgi.dougrice.plus.com/cgi-bin/guestbook.asp"        method="POST" >
...
</form>
<script>
var F1 = window.document.forms["F1"]
self.document.forms["F1"].action  = "http://ccgi.dougrice.plus.com"
self.document.forms["F1"].action += "/cgi-bin/guestbook.pl"
</script>
This seemed to work as the spammer did not seem to run the javascript.

Cool
Message 6 of 9
(978 Views)
0 Thanks
wheelyjon
Newbie
Posts: 4
Registered: ‎03-12-2007

Re: web email form being spammed

‎06-12-2007 5:34 PM

Thanks everyone for your help. I used to write C but have no experience of Java, so I took the easy route and used a captcha, Thanks Adam1v for the link, it seems to work fine.  When I get a moment, I must start looking at Java.
Thanks again wheelyjon  Grin
Message 7 of 9
(978 Views)
0 Thanks
Colin
Grafter
Posts: 1,264
Registered: ‎04-04-2007

Re: web email form being spammed

‎06-12-2007 11:01 PM

Take care to not make the common mistake of confusing Java and Javascript - the two are different beasts Smiley
Wikipeida can probably explain it better tha I can - Java and JavaScript for more information.
Message 8 of 9
(978 Views)
0 Thanks
jelv
Seasoned Hero
Posts: 26,786
Thanks: 969
Fixes: 10
Registered: ‎10-04-2007

Re: web email form being spammed

‎06-12-2007 11:11 PM

Quite - they have only 4 things in common - the letters J  A  V  A - everything else is different
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£14.40/month)
Mobile: iD mobile (£4/month)
Message 9 of 9
(978 Views)
0 Thanks