Posted by "Richard Lynch" on 08/18/05 11:03

On Mon, August 15, 2005 4:57 pm, Dotan Cohen wrote:
> I have a form that my visitors can email me from. Some jerk is trying
> to fool the mail() function into sending his spam, and I got this
> today:

Put a CAPTCHA on the form.

The jerk is probably not actually using your form, but a script that
walks the net looking for forms that have name="xyz" where xyz is
something that looks like a contact form or the URL has "contact" in
it or...

Anyway, if CAPTCHA doesn't do it, you can also put in a throttle to
only accept N posts from IP a.b.c.d within X hours.

Not completely foolproof, but what spammer will bother to change his
IP address to send out junk when there are so many open relays and
wide-open email forms out there?

And, yeah, if more than N people who work at "Big Company" try to post
within X hours, you'll lock them out, but how likely is that?

--
Like Music?
http://l-i-e.com/artists.htm

[Back to original message]