PDA

View Full Version : spam suggestion



billbenson
09-19-2009, 03:37 PM
I've been having a lot of spam that isn't getting caught by my email programs spam filter. Several hundred per day recently. A real pain.

I enabled spam assassin on my web site. That dropped it to 5 last night, so that works well.

I have a contact us link in two places on my web site. One is a form and the other uses javascript to hide it, so it's difficult to harvest the emails from the site. Since I don't want to miss any emails coming from the site that could be caught by a spam filter, I receive the emails from my web site on an email that I never send from. That keeps that email from getting into spam lists. Emails for spam purposes are often collected by spyware / viruses that harvest emails from Outlook address books. I've been doing this for several years and still no incoming emails on that email account. Its new mail from my site, so I don't want to miss any of those.

Just a couple of thoughts for cutting spam down.

vangogh
09-19-2009, 04:37 PM
Good ideas Bill. One thing I've found is which mail server you're using can control a lot of what spam gets through. For example gmail has always down a good job catching the spam without me ever seeing it. Sometimes the specific server my own domain is on does a better job than other servers of catching spam too. My site has been on several servers over the years and without me changing any settings I can tell that spam was less or more on some of them.

As an aside I have a contact form on my site that does lead to quite a bit of spam. It's a simple php mail script and I could easily edit the script to filter out some obvious spam, but it's kind of fun to get in this case. Some of the spam is very funny. It's also useful. I get a fair amount of spam where the person sending it thought they were creating a post on a forum. I've actually caught a few spammers here, because they also hit the contact form on my site.

billbenson
09-19-2009, 05:19 PM
One of the funny ones I have is that some customers are completely confused when clicking on "contact us" opens outlook. Even with the customer service people for my main supplier, some of which have been at the company for 10 plus years, get very confused by email configurations etc.

You can't assume computer literacy, even in places where you would assume it shouldn't be an issue.

vangogh
09-20-2009, 12:53 AM
True. You'd think people would be used to it by now, but not everyone is.

SteveC
09-21-2009, 06:27 PM
If you are getting form spam this is a trick that we use... In the form we put a text area, (form robots love these)... we then hide this with CSS... and then when the form is validated... if this text area contains any text we redirect to a fail page and if it doesn't we allow the form contents to be sent.

Hope this helps.

vangogh
09-21-2009, 06:42 PM
I like that idea. So simple and yet so effective.

Spider
09-21-2009, 09:39 PM
A trick I have been using for years still seems to be working---

Instead of using the old, and vulnerable, mailto link, I have rewritten the link in ascii code, like this --

<A HREF="mailto:frederick& #64;& #102;& #114;& #101;& #100;& #101;& #114;& #105;& #099;& #107;& #112;& #101; .....etc. (remove the spaces.)


... which spells out my e-mail address for people to read and click on but seems to baffle the robots. Not sure why it does because I'm sure robots could translate the ascii code the same way a browser does, but they seem to ignore it.

vangogh
09-21-2009, 10:13 PM
I used to do that too. Spammers can figure that out, though it does make it harder for some. It's not 100&#37;, but it definitely helps and takes longer for your email to get on spam lists. It's probably like how using a club on your steering wheel deters some from stealing your car, but doesn't actually make it more secure for the person who has the tools to cut through it.

You see a lot of people doing things like email [at] address.com or using an image for the email. I don't like using either of those since it prevents real people from clicking a link to open their email program.

billbenson
09-21-2009, 11:22 PM
You can also do things like forward your email at the server. Say your site has sales@bigbopper on the site. In cpanel you can forward that to spiderman@bigbopper. If you have sales@ encoded but it eventually gets put on the spam lists, change the email on the site to support@. If you never replied from sales@, you can just send all of the sales@ to a spam folder.

A lot of ways to skin a cat.