NEED HELP!! my php form is being used to send spam

[redgtsviper]

I am using the following code to send form content to my email address. I am having problems with spam. What can I do to fix this problem. I would like to avoid image varification. Any code would be very helpful. I am new to PHP

<?php

$msg = "My Website Online Contact Submission\n";

$msg .= "Name: $name\n";
$msg .= "Comments: $emailAddress\n\n";
$msg .= "Comments: $phone\n\n";
$msg .= "Comments: $message\n\n";





$to = "me@mydomain.com";
$subject = "CONTACT FROM WEBSITE";
$mailheaders = "From: Website Submission Form <$emailAddress>\n";
$mailheaders .= "Reply-To:$Email_Address <$emailAddress>\n\n";
// Mail to address
mail ( $to, $subject, $msg, $mailheaders );

?>

[kenrbnsn]

Take a look at [a href=\"http://www.nyphp.org/phundamentals/email_header_injection.php\" target=\"_blank\"]this[/a] article at [a href=\"http://www.nyphp.org/\" target=\"_blank\"]http://www.nyphp.org/[/a].

Ken

[curtis_b]

Image verification is the way to go, but if you don't want to do that, you can code your own filter if the spam is consistent. For instance, have the script fail if the phone number field contains anything other than numbers, parenthesis, periods, or dashes with an explaination of why it wasn't accepted (spammers are typically bots, not humans as far as I know, and will not make sense of it). Likewise you could have the email field verified (must contain @ symbol and .com or .net or etc...). Finally, if your spam has a consistent subject matter you can block messages that use certain keywords like 'enlarge' or 'prescriptions'. Again, I would recommend a notification message if the sending fails on the off chance that it is an actual customer who is trying to message you.

[!--quoteo(post=349889:date=Feb 27 2006, 11:13 AM:name=Charles Andrews)--][div class=\'quotetop\']QUOTE(Charles Andrews @ Feb 27 2006, 11:13 AM) [snapback]349889[/snapback][/div][div class=\'quotemain\'][!--quotec--]
I am using the following code to send form content to my email address. I am having problems with spam. What can I do to fix this problem. I would like to avoid image varification. Any code would be very helpful. I am new to PHP

<?php

$msg = "My Website Online Contact Submission\n";

$msg .= "Name: $name\n";
$msg .= "Comments: $emailAddress\n\n";
$msg .= "Comments: $phone\n\n";
$msg .= "Comments: $message\n\n";
$to = "me@mydomain.com";
$subject = "CONTACT FROM WEBSITE";
$mailheaders = "From: Website Submission Form <$emailAddress>\n";
$mailheaders .= "Reply-To:$Email_Address <$emailAddress>\n\n";
// Mail to address
mail ( $to, $subject, $msg, $mailheaders );

?>
[/quote]

[joecooper]

you could make it only alow one message to be sent every 5 mins... i will find some code that would help.

<?php
session_start();
if ($_SESSION['wait'] == '1'){
die("You may not send an email too often");
}
$msg = "My Website Online Contact Submission\n";

$msg .= "Name: $name\n";
$msg .= "Comments: $emailAddress\n\n";
$msg .= "Comments: $phone\n\n";
$msg .= "Comments: $message\n\n";
$to = "me@mydomain.com";
$subject = "CONTACT FROM WEBSITE";
$mailheaders = "From: Website Submission Form <$emailAddress>\n";
$mailheaders .= "Reply-To:$Email_Address <$emailAddress>\n\n";
// Mail to address
mail ( $to, $subject, $msg, $mailheaders );
$_SESSION['wait']='1'
?>

although it uses sessions, it will still do the job. it will only let you send an email after 5 mins or so.

[redgtsviper]

That would work ok on most of my forms, but I have 1 or 2 that need to be filled out one after another for some camp registration forms (for multi sign up)

[redgtsviper]

I tried using the code you gave me and it will still send. I can hit submit 3 or 4 times in a row and then I will get 3 or 4 emails. It is not adding a delay at all.

I am very new, so maybe I did something wrong.

[redgtsviper]

Anyone have any ideas