You are here: Re: tell a friend - prevent spam « All PHP « IT news, forums, messages
Re: tell a friend - prevent spam

Posted by Kentor on 12/13/06 20:29

I dont understand how to use sessions to prevent spam. Bots have
sessions too no? I thought that a good way would be to simply prevent a
user from sending too many emails in 30 seconds or something like that.
But according to Rik spammers can play with this using ips and
whatever. I like the idea of queuing the messages but how could i
filter out spamming messages? I could check them myself but then this
will require me spending time... =/

On Dec 13, 2:36 pm, "J.O. Aho" <u...@example.net> wrote:
> Rik wrote:
> > J.O. Aho wrote:
> >> Kentor wrote:
> >>> Hello, how could I limit the number of times a user uses my "tell a
> >>> friend" form each minute? Or if anybody has a nice looking
> >>> tell-a-friend script which prevents spam already coded, that would
> >>> save up a little time. Thanks
>
> >> Take a look at the "mail forms being abused" thread thats in this
> >> newsgroup, you should be able to find it with google groups.
>
> > A 'tell-a-friend' form is a different beast all together.
> > ASIDE from the header-injection prevention, you're sending mail to an
> > unknown, user-defined, adress, not a semi-hardcoded emailadress (i.e. the
> > site-owner). Nothing prevents me from writing a bot which will hit your
> > form hundreds of times using different ip's, cookies, etc. They might all
> > be valid visitors, or not. No real way to tell.No of course you can write a bot and thats what is used, but even spammers
> like to send as many users as possible at one try, which you should prevent.
>
> You can throw in a short lived session if the session isn't there, then don't
> mail, this would cause more work for the spammers to be able to spam.
>
> Another thing is to cue the mail and use a cron script that runs the mail
> through spamassassin before sending it, if caught as spam, don't mail.
>
> --
>
> //Aho

 

Navigation:

[Reply to this message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация