Jump to content

How To Stop Idiots From Spamming My Email Form

phpQuestioner

By phpQuestioner
in PHP Coding Help

 Share

Recommended Posts

phpQuestioner Regular Member

phpQuestioner

Posted
Posted

I have had these idiot to keep spamming my email form. So I got their IP Address & blocked it; but they just keep getting on a different computer. What is the best we to prevent them from spamming me with my email form? I thought about setting a cookie once the email form was processed and redirecting any further attempt to email me for 24 hours, but that poses a problem too. Then what if the same customer forgot something and wanted to email me again; they would not be able to for 24 hours. So anyone got any suggestions on what I should do?

Link to comment
Share on other sites
Daniel0 Advanced Member

Daniel0

Posted
Posted

Is it a bot or a human? If it is a bot, then CAPTCHA should take care of it.

 

If it is a human, then setup a registration system and only allow registered users to register. Use stuff like email confirmation and only allow one user per email. That should make it more difficult. There isn't really a way to stop users from posting spam. They can always find some proxy or use stuff like Tor to circumvent IP address banning and they can always just register a new account.

Link to comment
Share on other sites
seb hughes Newbie

seb hughes

Posted
Posted

If you want I will post some code to a security image I made. What you could do is, have the form send an email to them to verify there email address, and oonce this has done send the email, so for the time being the email could be stored in a txt file.

Link to comment
Share on other sites
phpQuestioner Regular Member

phpQuestioner

Posted
  • Author
Posted

Probably a human; I have an advertisement on a classified site and I think someone that does not want me to have it on there, because they have a product similar to mine for sale. They have sent me fowl language and threats; so I am trying to figure out how to block these morons - know what I mean.

Link to comment
Share on other sites
per1os Member

per1os

Posted
Posted

Sorry about that, just noticed it said email form.

 

I would do a check on the email and make sure it is a valid email address. But other than that I think you are stuck, you could try disallowing that IP, but that is not a good choice. Best of Luck.

 

EDIT:

Along the cookie lines, you could set the cookie to a random md5 hash, email that along with the email and if they are spamming disallow that hash for 24 hours. That way it just hit's the target person. Downside is it is easy to erase cookies if they are smart ennough.

Link to comment
Share on other sites
phpQuestioner Regular Member

phpQuestioner

Posted
  • Author
Posted

Thanks for the suggestions guys.

 

The captcha  is a cool idea, but I wonder if that would not bother people enough where they would not send me email.

 

I was using a page to tell these stupid people they have been banned; as a figurative "I Got You Back" kind of thing. But I guess that just enticed them to find other means of doing this. So what I think I will do is ban there IP address, but remove the "You Have Been Banned" page. So when they try to send me a email; they will be blocked from sending me the email and the will never be the wiser, because I will direct them to a "Success Page". I think that trick might work; they will think they have sent me the email and really they will not have sent it to me. I  hope that will work.

 

PS: I wish I knew how to do that "The Little Guy"; that would be sweet revenge. - LOL!!!

Link to comment
Share on other sites
seb hughes Newbie

seb hughes

Posted
Posted

Thanks for the suggestions guys.

 

The captcha  is a cool idea, but I wonder if that would not bother people enough where they would not send me email.

 

I was using a page to tell these stupid people they have been banned; as a figurative "I Got You Back" kind of thing. But I guess that just enticed them to find other means of doing this. So what I think I will do is ban there IP address, but remove the "You Have Been Banned" page. So when they try to send me a email; they will be blocked from sending me the email and the will never be the wiser, because I will direct them to a "Success Page". I think that trick might work; they will think they have sent me the email and really they will not have sent it to me. I  hope that will work.

 

PS: I wish I knew how to do that "The Little Guy"; that would be sweet revenge. - LOL!!!

 

The thing is most people DON'T have static IPs

Link to comment
Share on other sites
per1os Member

per1os

Posted
Posted

The IP suggestion is not a very good one. I can easily spoof my IP by going through a proxy. Especially if it is just for an email form, proxies would be very useful. I think the cookie idea was a good one, but anyone can clear cookies.

Link to comment
Share on other sites
Daniel0 Advanced Member

Daniel0

Posted
Posted

IP banning: They can use a proxy or similar things.

Email verification: Stuff like http://www.mytrashmail.com/ will take care of that.

CAPTCHA: Useless against humans. It's purpose is to tell humans from computers. It stands for "Completely Automated Public Turing test to tell Computers and Humans Apart".

Cookies: Can be deleted.

User registration: New users can be registered.

 

I.e.: Human spammers are hard to prevent.

Link to comment
Share on other sites
radar Regular Member

radar

Posted
Posted

Do what I did -- setup box trapper -- i get 0 spam mails -- and the reason is because bots can't reply to emails because they can't recieve them...

 

box trapper works in a cool way..  when an email is sent, the sender gets an immediate email back stating that they need to reply to verify their address...  Once they verify the address by replying (leaving subject line intact), their email address is added to the white list (they never have to do that step again unless i remove them) and their original email is passed onto my inbox..

 

works wonders i tell ya...

Link to comment
Share on other sites
Daniel0 Advanced Member

Daniel0

Posted
Posted

Do what I did -- setup box trapper -- i get 0 spam mails -- and the reason is because bots can't reply to emails because they can't recieve them...

 

box trapper works in a cool way..  when an email is sent, the sender gets an immediate email back stating that they need to reply to verify their address...  Once they verify the address by replying (leaving subject line intact), their email address is added to the white list (they never have to do that step again unless i remove them) and their original email is passed onto my inbox..

 

works wonders i tell ya...

 

It has a disadvantage. What about those emails which are supposed to be automated? Like email confirmations or lost password URLs?

Link to comment
Share on other sites
Daniel0 Advanced Member

Daniel0

Posted
Posted

i like the blind blocking idea... a) require them to sign up, b) put a filter on the email script, so they would never know the difference when you forward them to the "success" page

 

Might work quite well. Just say "Thank you for contacting us" if blocked of if success.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.