I've had a couple of spam emails com through one of our web email
responses. There is a form on our web site that allows people to
send us feedback. I am getting some spam through that form. It is a
PHP script which checks for php injection but what I want to know
is two things.
1. How do I know if my php injection filter is working and the spam
is only being sent to me (web master)?
How are you logging your PHP transactions? (in other words, you could
tell PHP to log the headers of any outgoing email). Alternately, do
you have access to the mail server logs?
2. If the spam is only being sent through the form, and they are
spamming only one email at a time and it's only coming to me, how
can I stop that? I can't imagine they are sitting at their computer
and typing/pasting the spam into the textarea, coming up with a
fake email address, and clicking the send button. It's got to be an
automated thing. So is there a way to test to make sure that the
email address is good or that the form is actually being typed by
hand by a person?
These are just some thoughts. Any help would be appreciated.
You can do it meticulously in your PHP code or there's this...
However, keep in mind that you need to work accessibility into your
site. So, you'll need to allow for alternative methods of human
authentication. There are CAPTCHA methods designed for the impaired.
This will give you an overview of the problem...
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Web-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/web-dev/email@hidden
