Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Who is it?

Status
Not open for further replies.
red54

red54

Technical User
Sep 15, 2001
90
US
Need to trap a malicious user who is sending obscene emails using my customer's website email form. Want to get definitive id of the computer which is being used to visit site.

Anyone have a neat solution? My client is ready to prosecute the person who is doing this and wants to be able to prove it in court.

Any info would be greatly appreciated. Note the malicious user probably resides in the same state.

Time flies when you don't know what you're doing...
 
Sort by date Sort by votes
It's not as easy as that as they are most probably using a proxy server to go to your site. Report it to the authorities and they will do the checking for you.


____________________________________________________________

Need help finding an answer?

Try the Search Facility or read FAQ222-2244 on how to get better results.

 
Upvote 0 Downvote
Thank you for your quick response.

User is not sophisticated. Client believes they know who it is, just want proof.

Will contact authorities, as you suggest, but usually consider it a prank and won't do anything about it.

Time flies when you don't know what you're doing...
 
Upvote 0 Downvote
In that case you could just get the IP Address of the poster (there are many ways to do this depending on what server-side language you are using) and if you can find out the IP of who you think it may be, try and match it to them (their IP may of course change frequently).


____________________________________________________________

Need help finding an answer?

Try the Search Facility or read FAQ222-2244 on how to get better results.

 
Upvote 0 Downvote
There comes the problem of actually prosecuting this individual. Without a certified security professional doing the checking, the company will run into a long list of issues, such as proof from a reputable security organization saying that the individual is who the client says they are. Lawyers are having field days with this getting people "off" of cases due to lack of sufficient evidence when a company doesn't go the route of employing security professionals.

All the individual will have to say is that your client has a vendetta against them, and that the "proof"(logs and such) are contrived (easy to fake logs anymore). If a third party comes in and verifies the same, then it could be a different story.
 
Upvote 0 Downvote
A simple solution involves scanning the content of the message (assuming this is a contact form from a web page) for swearwords (or variants). If any swear words are found, redirect the user to a page explaining that their details have been logged - and then add their IP address to a blacklist.

Every time someone visits the "contact us" page, check if their IP address is on the blacklist... and if it is you just include a message telling them why they cannot use the contact form.

Include an option to remove the IP from the blacklist after XX days/hours or upon request (as needed).

PS: I tend to just not send the email (from PHP) if the message fits this criteria... and redirect them to the thankyou page. They never know that their message wasn't sent - and you never have to deal with it.

Cheers,
Jeff

[tt]Jeff's Page @ Code Couch
[/tt]

What is Javascript? FAQ216-6094
 
Upvote 0 Downvote
Excellent answer, with a lot of good concerns. As you know with working with people it is a fine line between pleasing the customer while still doing what is right. Just thought I'd get some input from other pros in the area. I think that the "not letting the email thru" is a good idea. Will do this in addition to keeping a log for myself, in order to see if this is continuing.

Don

Time flies when you don't know what you're doing...
 
Upvote 0 Downvote
Be careful how you do your swear word filtering... make sure if works only on whole words, otherwise you really could be filtering out genuine comments. I'm sure we've all heard about the people from Scunthorpe whose mail kept getting blocked by a certain company because of the 2nd to 5th letters in the word!

Dan

[tt]Dan's Page [blue]@[/blue] Code Couch
[/tt]
 
Upvote 0 Downvote
Place I used to work at initially put in a very bad content filter. I tested it with the phrase
"If it's dirty wa[red]sh it[/red]."

Sure enough, that was blocked.

[sub]Jeff
[purple]It's never too early to begin preparing for [/purple]International Talk Like a Pirate Day

"The software I buy sucks, The software I write sucks. It's time to give up and have a beer..." - Me[/sub]
 
Upvote 0 Downvote
Those last concerns are part and parcel of the fun you can have when you put your mind to being cute with a program. One of the first programs I did was gen'ing integers. Missed all the primes.

Same with these. Probably miss all the ones using PH in place of F, or something equally innocuous. LOL

Thanks again for the 'heads up' on those issues. Hateful part of this is that it is only one person probably doing it, and the client will spend some money (willingly) to block them. Delete key would be easiest, but...

Don

Time flies when you don't know what you're doing...
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

SamBones
  • Locked
  • Question
Chrome Issue with Third Party App
Replies
0
Views
185
SamBones
SamBones
Sebastian42
  • Locked
  • Question
Firefox library is blank and just an icon
Replies
2
Views
134
Sebastian42
Sebastian42
max8699
  • Locked
  • Question
Cannot open chrome if an Office 365 program is running
Replies
0
Views
109
max8699
max8699
MBTC
  • Locked
  • Question
Chrome Issue
Replies
3
Views
149
MarkSweetland
MarkSweetland
Tedwhite
  • Locked
  • Question
How To Fix Firefox Freezing Issue In Windows 10?
Replies
2
Views
215
Tedwhite
Tedwhite

Part and Inventory Search

Sponsor

Back
Top