Account Options

  1. Sign in
The old Google Groups will be going away soon, but your browser is incompatible with the new version.
Google Groups Home
« Groups Home
Message from discussion Contact form spam - to me alone
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 
From:
To:
Cc:
Followup To:
Add Cc | Add Followup-to | Edit Subject
Subject:
Validation:
For verification purposes please type the characters you see in the picture below or the numbers you hear by clicking the accessibility icon. Listen and type the numbers you hear
 
Francois Bonzon  
View profile  
 More options Jan 12 2007, 6:05 pm
Newsgroups: comp.lang.php
From: Francois Bonzon <NOSPAM.franc...@bonzon.com>
Date: Sat, 13 Jan 2007 00:05:09 +0100
Local: Fri, Jan 12 2007 6:05 pm
Subject: Re: Contact form spam - to me alone
On 2007-01-12 23:25:55 +0100, Chuck Anderson <websiteaddr...@seemy.sig> said:

> I have a contact form on my site (been there for a few years) and just
> lately someone has begun using it to send Spam to me - and only to me
> (one to three times a day).  I can tell because I track the usage of
> those contact form scripts (that I wrote) closely.  The person is not
> even trying to inject anything into the headers, they are just sending
> me URLs to their porn sites.

> Is there any way to block this kind of usage?  I've tried the usual
> tricks (hidden form field - checking referrer), but they always
> (almost) check out okay.  The originating IP address changes every
> time, of course - and the porn sites are usually already gone.

> I'm already cleaning all my form variables (checking for LF and CR and
> content_type and cc:), so that is not my problem.  It's just the few
> annoying emails I get.

> [ ..... Is this actually a productive way for spammers to distribute
> their crap ... one email per form?]

I had the exact same problem with my contact forms, that I solved by
ignoring the e-mail if the body contains 3 times or more the string
"http://". Those spam e-mails contained always 10 times or more the
spammer's web link, to be sure we don't miss it. Legitimate senders
never send me even a single web link in their message. This way, a
single link, or even two, is still allowed.

Here is my very simple anti-spam function:

/**
 * Simple SPAM filter
 *
 * Mail is rejected if body contains more than two HTTP link.
 * @param string $body Message body
 * @return bool Mail is spam
 */
function is_spam ($body) {
  return substr_count($body, 'http://') > 2;

}


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.