rvp032582
Posts: 47
|
| Posted: 12/01/2006, 12:37 PM |
|
we have a simple info request form. fields are name, number, comments, and of course email address. when the form is filled out the info is emailed to a staff member. they are reporting a lot of spam like mail coming thru. we know it's coming form the form, b/c the subject line is stating such.
is there any code i use use in the after insert excute event that will prevent or decrease spamming on this form? maybe like an email address check or sorts?
thanks,
-rvp
|
 |
 |
garycrunk
Posts: 23
|
| Posted: 12/01/2006, 12:47 PM |
|
It's hard to tell what you are "Receiving" and how you have the email being sent.
Is the data you are having them input saved into a database?
Is the data then passed through a mailing script located in your "After-Insert" procedure for the form?
I guess we would need to know how you are processing the input and how that input is being "Sent" to your staff.
Gary
_________________
Gary Crunk
Job Examiner |
|
|
|
rvp032582
Posts: 47
|
| Posted: 12/02/2006, 6:47 AM |
|
yes the data is store in db. mail script is:
Dim Mail
Set Mail = Server.CreateObject("Persits.MailSender")
' enter valid SMTP host
Mail.Host = "host name here"
Mail.Username = "email user name here"
Mail.Password = "password here"
Mail.From = InfoRequests.Requestoremail.Text ' >From address
Mail.FromName = "via Website - " & InfoRequests.RequestorName.Text
Mail.AddAddress "emailadd@ourwebsite.com"
Mail.AddCC "CCemail@ourwebsite.com"
' message subject
Mail.Subject = "New lead from our website" & inforequests.RequestorCompany.Text
' message body
Mail.Body = inforequests.RequestText.Text & " " & inforequests.RequestorPhone.Text
On Error Resume Next ' catch errors
Mail.Send ' send message
|
|
|
|
Edd
Posts: 547
|
| Posted: 12/02/2006, 3:41 PM |
|
Your site has been searched by a webbot and stripped out the email addresses and subjects. Are the addresses anywhere on a form?
If they are displayed you will need to hide them with Javascript: Example:
<HTML>
<HEAD>
<TITLE>Calculate The Cost</TITLE>
</SCRIPT> <SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
<!--
function sendMail() {
// Construct a mailto: URL with all the details:
var _u = "name";
var _d = "domain.co.uk";
var _l = _u + "@" + _d;
var _s = "subject test"
var _b = "body test"
// document.forms.Form2.action = "mailto:"+_l+"?subject="+_s+"&body="+_b
document.location = "mailto:"+_l+"?subject="+_s+"&body="+_b
// return true;
}//-->
</SCRIPT>
</HEAD>
<BODY>
<!-- <FORM NAME="Form2" ACTION='""'>
<INPUT TYPE="submit" VALUE="Send mail" onCLICK="sendMail()"> </FORM> -->
<A HREF="javascript:sendMail()">Send Mail</A>
</BODY>
</HTML>
The problem is that they already have your addess so crap will keep coming on those accounts unless you change them.
Edd
_________________
Accepting and instigating change are life's challenges.
http://www.syntech.com.au |
|
|
|
JimmyCrackedCorn
Posts: 583
|
| Posted: 12/02/2006, 5:18 PM |
|
I don't think rvp is saying their email addresses are compromised. I think he is saying they are getting form submissions from SPAMmers or SPAMbots.
We have had this problem on a lot of our forms. Mostly it is annoying but harmless however sometimes they try and inject mail commands. So we now test all incoming text for domains, commands and such before adding it to the mail body.
Since your situation probably involves a SPAMbot if you want to stop this or at least slow it down you could add Captcha (search Wikipedia or Google). Here is a different approach that seems interesting,
http://www.bennadel.com/index.cfm?dax=blog:197.view
_________________
Walter Kempees...you are dearly missed. |
|
|
|
rvp032582
Posts: 47
|
| Posted: 12/04/2006, 5:32 AM |
|
jimmycrackedcorn is correct. addressed aren't compromised.
i think what i'm looking for is basically some code to use in the file_events.asp page of that form. i have right now the mail code seen pasted above, i'm just wondering if there's anything i can use in that block of code. so i guess i'm asking, by using code charge is there a way to prevent form submissions from the spammers? something quick maybe?
thanks,
--rvp
|
|
|
|
Edd
Posts: 547
|
| Posted: 12/04/2006, 10:34 PM |
|
rvp,
Use Captcha as suggested by JimmyCrackedCorn - it is pretty well standard now and is reasonably easy to implement.
See http://www.u229.no/stuff/Captcha/
Edd
_________________
Accepting and instigating change are life's challenges.
http://www.syntech.com.au |
|
|
|
rvp032582
Posts: 47
|
| Posted: 12/11/2006, 6:08 AM |
|
ok. so i guess there's no way to do it in codecharge. thanks anyway,
|
|
|
|
Bilbioman
|
| Posted: 01/09/2007, 4:11 AM |
|
cool site
[url=http://hentaimovie.all44.com/cat-24-p0.html]http://hentaimovie.all44.com/cat-24-p0.html[/url]
|
|
|
|
marcwolf
Posts: 361
|
| Posted: 01/10/2007, 9:10 PM |
|
Hi RVP.
There are several ways to to it - but it will require some user input.
You need a way for your code to recognise that a submit is from a human rather than from a bot.
For example. Have a label into which you display a random number between 1 and 5. You also have a drop down that contains the sane number 1 to 5.
When someone fills out your form you ask them to select in the dropdown the shown number. You can easily check on the before insert if the two match and if they do not - just reject the insert.
Another one I saw that was rather fun - was a set of 5 pictures. 3 of which were kittens. The user had to click the 3 that were the kittens. Again before showing the page you could seet the picture locations.
CAPTCHA is abother very commin and good way. However most of the libraries or solutions need to be purchased.
Hopefully this will give you some idea's onsimple questions to ask - which is something that a bot would not beable to answer.
Bots cannot read graphics so you can use my first solution with an image who's name has no correlation to the displayed number. That should really confuse the bots <chuckles>
Take Care
Dave
_________________
' Coding Coding Coding
Keep Those Keyboards Coding.
Raw Code!!!!!!!
|
|
|
|
rvp032582
Posts: 47
|
| Posted: 01/19/2007, 8:26 AM |
|
i think it's kinda ironic that this forum post about spam prevention is getting spammed
|
|
|
|
