Yes, we needed to include a message warning visitors that our forms will not process URLs and will divert the visitor to an error page instead. But that's been working really well for us (we invite people with a legitimate reason to share a URL to telephone us instead). -----Original Message----- From: thelist-bounces at lists.evolt.org [mailto:thelist-bounces at lists.evolt.org] On Behalf Of Shawn K. Quinn Sent: Friday, September 28, 2007 12:34 PM To: thelist at lists.evolt.org Subject: Re: [thelist] how to stop email form spam On Fri, 2007-09-28 at 15:11 -0400, r937 wrote: > in addition to all the other techniques suggested, do a quick search > of the form fields to look for the string of characters "http://" > > if my script finds that in one of my form fields, it sends back a > 403 Forbidden Unfortunately, this also prevents legitimate Web site links, and is also easily sidestepped. -- Shawn K. Quinn <skquinn at speakeasy.net> -- * * Please support the community that supports you. * * http://evolt.org/help_support_evolt/ For unsubscribe and other options, including the Tip Harvester and archives of thelist go to: http://lists.evolt.org Workers of the Web, evolt !