[thelist] spammers/spambots

Barry Woolgar barry at burnthebook.co.uk
Mon Jul 27 10:22:11 CDT 2009


Although it's generalising to an extent, I believe bots will harvest your
form's details and then just start blind posting common field names and
values to the form's action.

Based on this assumption we've had a fair bit of success with a text field
named 'url' (or something similarly juicy) hidden with CSS, a label of 'Not
for public use' (for people with CSS disabled), and a value of 'blank'. Then
our form processor checks $_POST['url'] is set and has the value of 'blank'.
Anything else is spam or a rather dense form filler who will be displayed
the form again. I can't remember if this was originally suggested here or on
A List Apart, but I've yet to see a spambot get around it.

For what it's worth, I don't think blacklists are useful as they'll always
find a way around them, or you'll spend ages tweaking and tweaking.

Hope that helps.


-----Original Message-----
From: thelist-bounces at lists.evolt.org
[mailto:thelist-bounces at lists.evolt.org] On Behalf Of Bob Meetin
Sent: 27 July 2009 16:05
To: thelist at lists.evolt.org
Subject: [thelist] spammers/spambots

Just curious,  I am finishing up a little program, the preprocessor, 
which will be used to grab $_POST or $_REQUEST content, and if it meets 
certain criteria, reject any further processing. 

So the first question, automated spambots, do they attempt to fill in 
content in any/all fields even if the field is bogus/contrived?

And the second question, much of the spam content I see is posted in 
non-English dialects, way not English.  If I knew where to start I can 
probably include some of this "stuff" in a reject list, but I'm not 
surehow to get or convert these odd looking characters into something my 
forms can handle.  Suggestions?



* * Please support the community that supports you.  * *

For unsubscribe and other options, including the Tip Harvester 
and archives of thelist go to: http://lists.evolt.org 
Workers of the Web, evolt ! 

More information about the thelist mailing list