Preventing mail form/comment form spam

[Foamcow]

I seem to have hit on a simple way to prevent or at least greatly reduce the amount of spam generated by having a mail form or a comment form on your website.

Sure you can use a CAPTCHA but there are inherent problems with them - and I find them a little annoying if I'm honest.

The method I have adopted is to create a field on the form with the label "Leave this blank".

If the field is filled in (as it will be by a bot that just completes every field) then I tag the mail as spam.

So far I've had 100% success with no false positives.

It's always going to trip up now and again but so far, so good. Simple and effective!

Tek-Tips Forums is Member Supported. Click Here to donate

<honk>*:O)</honk>

Tyres: Mine's a pint of the black stuff.
Mike: You can't drink a pint of Bovril.

 

[BillyRayPreachersSon]

I've seen some similar ones, where you are asked a question, such as 'Type in the colour of the sky' - to which you have to enter 'blue', or 'Is fire hot or cold?' - to which you have to answer 'hot'.

I especially like the version here, because it's quite piratey: 'Type 'Arrr!' here if you are not a bot. That's one large A, three r and an exclamation mark, just like a pirate would say'






Coedit Limited - Delivering standards compliant, accessible web solutions

Dan's Page [blue]@[/blue] Code Couch:

http://www.codecouch.com/dan/

Code Couch Tech Snippets & Info:

http://www.codecouch.com/

 

[feherke]

Hi

Personally I saw its reversed : the [tt]input[/tt] was initially filled and humans were asked to clear the [tt]input[/tt].

Feherke.

http://rootshell.be/~feherke/

 

[Foamcow]

I've seen those too Dan but I wanted to do something that didn't require the user to anything. I wanted to use the bot's behaviour against itself - kind of like Cyber Aikido (as someone told me today).

Feherke, that's an interesting approach too. I might try that to see how it works. Again though, it's asking the user to do something as opposed to asking them NOT to do anything.

If you've got some reasonably trafficed sites it would be interesting to see what kind of results we get from the different techniques.

Tek-Tips Forums is Member Supported. Click Here to donate

<honk>*:O)</honk>

Tyres: Mine's a pint of the black stuff.
Mike: You can't drink a pint of Bovril.

 

[BabyJeffy]

Taking Foamcow's example... and making the input hidden is a good one. If the input is ever filled in... you can be sure it's a bunch of spam

Cheers,
Jeff

[tt]Visit my blog [!]@[/!]

http://www.coderambler.com/

Visit Code Couch [!]@[/!]

http://www.codecouch.com/

[/tt]

Make sure your web page and css validates properly against the doctype you have chosen - before you attempt to debug a problem!

FAQ216-6094

 

[Foamcow]

The hidden thing was something I considered but didn't know if it would work. Guess I could hide it now to see what happens.

To be fair I don't get that much genuine mail through there anyway but I do get a fair bit of spam and it's caught all the spambots so far and none of the proper email.

Even my other half managed to avoid the spam trap and she is notoriously bad at reading instructions on screen.

Tek-Tips Forums is Member Supported. Click Here to donate

<honk>*:O)</honk>

Tyres: Mine's a pint of the black stuff.
Mike: You can't drink a pint of Bovril.