The problem with blacklisting certain words is that spammers then use a zero for an 'o', or a one for an 'l' or misspell the word so it is still recognizable to the human eye but not to the blacklist.

Nan

-----Original Message-----
From: thelist-bounces at lists.evolt.org [mailto:thelist-bounces at lists.evolt.org] On Behalf Of Bob Meetin
Sent: Wednesday, July 29, 2009 6:42 PM
To: thelist at lists.evolt.org
Subject: Re: [thelist] spammers/spambots

Barry Woolgar wrote:
> Hello
>
> Although it's generalising to an extent, I believe bots will harvest
> your form's details and then just start blind posting common field
> names and values to the form's action.
>
> Based on this assumption we've had a fair bit of success with a text
> field named 'url' (or something similarly juicy) hidden with CSS, a
> label of 'Not for public use' (for people with CSS disabled), and a
> value of 'blank'. Then our form processor checks $_POST['url'] is set and has the value of 'blank'.
> Anything else is spam or a rather dense form filler who will be
> displayed the form again. I can't remember if this was originally
> suggested here or on A List Apart, but I've yet to see a spambot get around it.
>
> For what it's worth, I don't think blacklists are useful as they'll
> always find a way around them, or you'll spend ages tweaking and tweaking.
>
> Hope that helps.
>
> Barry
>
> -----Original Message-----
> From: thelist-bounces at lists.evolt.org
> [mailto:thelist-bounces at lists.evolt.org] On Behalf Of Bob Meetin
> Sent: 27 July 2009 16:05
> To: thelist at lists.evolt.org
> Subject: [thelist] spammers/spambots
>
> Just curious, I am finishing up a little program, the preprocessor,
> which will be used to grab $_POST or $_REQUEST content, and if it
> meets certain criteria, reject any further processing.
>
> So the first question, automated spambots, do they attempt to fill in
> content in any/all fields even if the field is bogus/contrived?
>
> And the second question, much of the spam content I see is posted in
> non-English dialects, way not English. If I knew where to start I can
> probably include some of this "stuff" in a reject list, but I'm not
> sure how to get or convert these odd looking characters into something
> my forms can handle. Suggestions?
>

* Setting up the preprocessor to do some pattern matching comparing field input has helped tremendously (100%) already
* Just to see what it brings, I added a new field similar to your URL field with a default value and (not for public use) I also set up a log file that captures specific fields and will log the not for public use field - just gotta know...

I concur, the blacklist method isn't particularly useful but it has its moments. The wordpress component in Joomla uses this. The list of moderated comments displays subject, IP address, email, comment, etc. I see many comments from the same email address coming from different IP addresses. They move around. By adding the following list of phrases to the blacklist it does help. As I am unfamiliar with the language I wonder if adding what appears to be a foreign alphabet (each character at a time) will help?

???????????? viagra our pharmacy pupkin.net getz adultfriendfinder [url=http://

Why does the term "desperate" come to mind when I read the spam content?

--
Bob
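An added example, not code from any poster in this thread: a PHP sketch of the kind of preprocessor discussed above, combining the hidden 'url' field check Barry describes with a blacklist match that first folds the digit-for-letter swaps Nan mentions. The function names, the substitution map, the sample phrases and the sample submissions are assumptions constructed for illustration.

```php
<?php
// Added example; function names, substitution map and sample data are constructed.

// Fold look-alike characters and strip separators so disguised words still match.
// 'i' is folded to 'l' as well, because '1' is used for both letters; the same
// function is applied to the blacklist phrases, so both sides stay comparable.
function normalize_for_blacklist(string $text): string
{
    $text = strtr(strtolower($text), [
        '0' => 'o', '1' => 'l', 'i' => 'l', '3' => 'e',
        '4' => 'a', '5' => 's', '@' => 'a', '$' => 's',
    ]);
    // Remove spaces and punctuation ("v.i.a.g.r.a"); null means invalid UTF-8.
    return preg_replace('/[^\p{L}\p{N}]+/u', '', $text) ?? '';
}

function classify_submission(array $post, array $blacklist): string
{
    // Honeypot: the CSS-hidden 'url' field must come back exactly as served.
    if (!isset($post['url']) || $post['url'] !== 'blank') {
        return 'reject:honeypot';
    }
    foreach ($post as $field => $value) {
        if ($field === 'url' || !is_string($value)) {
            continue;
        }
        $haystack = normalize_for_blacklist($value);
        foreach ($blacklist as $phrase) {
            $needle = normalize_for_blacklist($phrase);
            if ($needle !== '' && strpos($haystack, $needle) !== false) {
                return 'reject:blacklist:' . $phrase;
            }
        }
    }
    return 'accept';
}

// Constructed sample submissions, shaped like $_POST arrays.
$blacklist = ['viagra', 'our pharmacy', '[url=http://'];
$samples = [
    'human'     => ['url' => 'blank', 'name' => 'Ann', 'comment' => 'Nice article, thanks.'],
    'blind bot' => ['url' => 'http://example.test/', 'name' => 'x', 'comment' => 'hello'],
    'leet spam' => ['url' => 'blank', 'name' => 'y', 'comment' => 'Cheap V1AGRA at 0ur ph4rmacy'],
];
foreach ($samples as $label => $post) {
    echo $label, ': ', classify_submission($post, $blacklist), "\n";
}
```

Because separators are stripped before matching, short phrases can match across word boundaries, so rejected submissions are better logged for review than silently dropped.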