Hello Although it's generalising to an extent, I believe bots will harvest your form's details and then just start blind posting common field names and values to the form's action. Based on this assumption we've had a fair bit of success with a text field named 'url' (or something similarly juicy) hidden with CSS, a label of 'Not for public use' (for people with CSS disabled), and a value of 'blank'. Then our form processor checks $_POST['url'] is set and has the value of 'blank'. Anything else is spam or a rather dense form filler who will be displayed the form again. I can't remember if this was originally suggested here or on A List Apart, but I've yet to see a spambot get around it. For what it's worth, I don't think blacklists are useful as they'll always find a way around them, or you'll spend ages tweaking and tweaking. Hope that helps. Barry -----Original Message----- From: thelist-bounces at lists.evolt.org [mailto:thelist-bounces at lists.evolt.org] On Behalf Of Bob Meetin Sent: 27 July 2009 16:05 To: thelist at lists.evolt.org Subject: [thelist] spammers/spambots Just curious, I am finishing up a little program, the preprocessor, which will be used to grab $_POST or $_REQUEST content, and if it meets certain criteria, reject any further processing. So the first question, automated spambots, do they attempt to fill in content in any/all fields even if the field is bogus/contrived? And the second question, much of the spam content I see is posted in non-English dialects, way not English. If I knew where to start I can probably include some of this "stuff" in a reject list, but I'm not surehow to get or convert these odd looking characters into something my forms can handle. Suggestions? -- Bob -- * * Please support the community that supports you. * * http://evolt.org/help_support_evolt/ For unsubscribe and other options, including the Tip Harvester and archives of thelist go to: http://lists.evolt.org Workers of the Web, evolt !