One trick I used when making a form a while back was to put a blank form field that is hidden from the human user. Bots will often fill out every field on the form. You can then check, if the field was filled, then you most likely have a bot. I don't like checking for a match between name and username. My name is unique enough I use it as my username for a lot of the websites I visit. I would be really annoyed if I was blocked because a site thought I was a spammer. -Meshack -----Original Message----- From: thelist-bounces at lists.evolt.org [mailto:thelist-bounces at lists.evolt.org] On Behalf Of Bob Meetin Sent: Wednesday, July 06, 2011 6:06 AM To: the >> "thelist at lists.evolt.org" Subject: [thelist] tracking spammers Several of my websites commonly get hit by either low paid human spammers or spam bots. The registration form employs a good captcha function and the form IS being used. Recently I started capturing data about the spammer wanna-be's. The patterns are obvious. IP: 184.108.40.206 Name: Affesibre Email:testxr30 at o2.pl Username: Affesibre 1) Although they use differing email suffixes, .pl is common and none of the 750+ valid members use that domain. 2) Name matches username = nonsense 3) IP address varies 4) Password = nonsense and always 10 characters 5) Special hidden fields are not being filled in I can trace the IP to various countries, not much help. There are valid registered members on the site who register with the same name and username, so I can't really use that, although I've considered respectfully requesting that username and name not match. Password = key. I was thinking that these were humanoid but in that the passwords are always 10 random characters, that makes me think perhaps otherwise, perhaps the same program has been passed around the spammer block. Idea: If $name == $username&& string length $password == 10 then choke. Other ideas? -- Bob Meetin dotted i - http://www.dottedi.biz LinkedIn: http://www.linkedin.com/in/bobmeetin -- * * Please support the community that supports you. * * http://evolt.org/help_support_evolt/ For unsubscribe and other options, including the Tip Harvester and archives of thelist go to: http://lists.evolt.org Workers of the Web, evolt !