Anti-bot spam with simplicity

Posted At : December 18, 2007 6:07 PM | Posted By : Michael Dinowitz
Related Categories: New Ideas,Spam

Spam-bots are getting smarter. I've seen bots that fill out forms with close to perfect information. I've seen bots that copy blog comments and then add in their spam. I've seen bots that adapt to their situations. What I have not seen are bots that can look at a form like a human does.

Let me give you a situation. House of Fusion has a sign-up form that not only allows for the standard contact information but also allows for multiple alternate email addresses. I've been seeing some spam coming through that has multiple emails of the same value. This reminded me of something very simple about forms - multiple form fields with the same name become a comma delimited list on submit.

This means that two input boxes named email that are both filled with "spam@spam.com" will result in a variable of form.email with a value of "spam@spam.com,spam@spam.com". This is wonderful!

All we have to do to block some of these new 'thinking' bots is have a form with two input fields called email. The display for the first will be email while the display for the second will be alternate email.

On the action page we just have to check that the form.email has 2 items and if they are the same to block the post as spam.

<cfif listlen(form.email) EQ 2 and listfirst(form.email) IS listlast(form.email)>
---spam code here---
</cfif>

This works great but there are always alternates. While giving this to Clark Valberg for use on the Developers Circuit contact form, he modified the idea into which led to another modification. The first is to take the second email input and label it as something other than email. Zip code is a perfect example as it is something not always required. To a human it looks like a standard form with zip and email but to a bot there's no zip but 2 emails. The second modification is to exchange form fields. Have the email form field labeled zip and the zip labeled email. A human will read the label and enter what is expected (zip in email field, email in zip field) while a bot will enter the wrong values.

These are simple checks that can defeat many of the spam-bots out there today and they all depend on the difference between how a human and a bot sees a page - something that will always be in our favor.

Comments (37) | Print | Send | del.icio.us | Digg It! | Linking Blogs | 5756 Views
Comments
[Add Comment]
Raymond Camden's Gravatar I'm not so sure this is a good idea. What if a user is confused and thinks they have to provide an alternate email, but only have one email address? Wouldn't they get flagged as spam? It seems a bit too strict.
# Posted By Raymond Camden | 12/18/07 8:40 PM
Michael Dinowitz's Gravatar If there's an email field with an asterisk next to it saying required and an alternate one without the asterisk then I'm hoping the viewer will have the sense to know that the alternate is not required. If not, a small note next to it saying "not required" may work.
# Posted By Michael Dinowitz | 12/18/07 8:56 PM
jordan heels's Gravatar ahahahahhaaahhahhh
# Posted By jordan heels | 8/8/11 11:27 PM
Peter's Gravatar There is perceptibly a bundle to realize about this. I consider you made some nice points in features also. =-=
# Posted By Peter | 9/13/11 4:54 AM
v i a g r a's Gravatar Vede??evalka iz kart ni super zanimiva metoda za vpogled va??e . With high hope for the future.A foolish consistency is the hobgoblin of little minds.Were it not for my little jokes.
# Posted By v i a g r a | 9/14/11 6:38 AM
the north face sale's Gravatar Aw, it was a top quality content. Actually I would like to write like this as well - taking time and real energy to bring about an excellent post... however what can I say... I procrastinate an awful lot and by no means appear to get things completed...
# Posted By the north face sale | 10/6/11 8:49 PM
abercrombie and fitch outlet uk's Gravatar abercrombie and fitch outlet uk
# Posted By abercrombie and fitch outlet uk | 12/8/11 2:51 AM
abercrombie and fitch uk's Gravatar abercrombie and fitch uk sale
# Posted By abercrombie and fitch uk | 12/8/11 2:51 AM
Microsoft Office 2010's Gravatar in different folders for easy accessibility.
# Posted By Microsoft Office 2010 | 12/13/11 3:32 AM
iwc replica's Gravatar For shoppers, there is a great product category, and so in terms of payment of additional benefits section.
# Posted By iwc replica | 1/14/12 10:22 PM
Nike Dunks High's Gravatar nike dunks high
nike dunk high
Womens Nike Dunks Heels
Mens True Religion Jeans
/ Jeans True Religion
# Posted By Nike Dunks High | 2/15/12 3:22 AM
hollister outlet's Gravatar hollister outlet
hollister outlet online
hollister outlet store
hollister sale
# Posted By hollister outlet | 2/15/12 11:48 PM
Abercrombie Outlet's Gravatar Coach Factory Outlet
Coach Outlet Store
Abercrombie Outlet
Abercrombie Outlet Online
# Posted By Abercrombie Outlet | 2/23/12 10:59 PM
fake chanel's Gravatar Control of my privacy reasons, but published. However, the most ancient German city of theater, not only to restore access to the camera lucky stars.
# Posted By fake chanel | 3/6/12 11:18 AM
hermes bags uk's Gravatar The artist is the same as the body bags from the external boring. Hermes Birkin is a package of peace of mind.
# Posted By hermes bags uk | 3/6/12 11:21 AM
Coach Factory Outlet's Gravatar ralph lauren polo outlet
polo ralph lauren outlet
coach factory outlet
Coach Baby Bags Outlet
Coach Wristlet
Ralph Lauren Rugbys Polo
Ralph Lauren Dual Match Polo
# Posted By Coach Factory Outlet | 3/7/12 9:55 PM
true religion outlet's Gravatar cycling jerseys
bike jerseys
true religion outlet
true religion jeans
# Posted By true religion outlet | 3/10/12 3:02 AM
aiou old paper's Gravatar I wanted to say that it's nice to know that someone else also mentioned this as I had trouble finding the same info elsewhere. This was the first place that told me the answer
# Posted By aiou old paper | 3/20/12 8:36 AM
Coach Factory Outlet's Gravatar I'm learning jQuery from the ground up and when I learn something, I want to know what is assumed, what has to be explicitly stated, and why one thing is done vs. another
# Posted By Coach Factory Outlet | 3/24/12 1:57 AM
franklin marshall outlet's Gravatar franklin marshall outlet
christian louboutin outlet
Mens Christian Louboutin Sneakers
Christian Louboutin Sandals
Franklin & Marshall Polo T-shirts
# Posted By franklin marshall outlet | 4/4/12 9:26 AM
replica watches's Gravatar The Breitling Navitimer, the official view in the Aircraft Owners and Pilots Association, was first introduced in 1952 addressing the unique needs of pilots.
# Posted By replica watches | 4/11/12 1:30 PM
beats by dre headphones's Gravatar This situation has been a long time brewing, and it often leads students to question the relevance of music theory to their personal musical goals.
# Posted By beats by dre headphones | 4/11/12 2:25 PM
Coach Factory Outlet's Gravatar arge number of Chinese consumers and overseas consumption.
# Posted By Coach Factory Outlet | 4/11/12 8:13 PM
Tory Burch Sale's Gravatar Polo Ralph Lauren Outlet
Ralph Lauren Polo Shirts
Ralph Lauren City Polo
Tory Burch Sale
# Posted By Tory Burch Sale | 4/15/12 3:00 AM
coach factory outlet's Gravatar If you're ready to have a baby as well as within being pregnant, you must certainly obtain coach factory outlet. Due to the fact these kinds of luggage supply you a variety of benefits to together by yourself plus your toddler, also they are stylish.
# Posted By coach factory outlet | 4/16/12 8:11 AM
Nike Free Run 3 Women's Gravatar me into the light. A discerning eye can be seen, since the palace silent,
# Posted By Nike Free Run 3 Women | 4/28/12 3:08 AM
fake celine handbags's Gravatar There’s a long L-shaped island topped with black soapstone counters and a five electric-burner Wolf stovetop with a convection oven below.
# Posted By fake celine handbags | 5/5/12 3:57 AM
Coach Outlet Online's Gravatar dfyhgfh
# Posted By Coach Outlet Online | 5/7/12 9:59 AM
beats monster's Gravatar We started O Music Awards as an experiment and it keeps gaining momentum as an incubator for experimenting with interactive storytelling across multiple platforms," said Dermot McCormack, executive vice president of Viacom Music & Logo Group, which includes MTV, VH1, CMT and Logo.
# Posted By beats monster | 5/8/12 3:50 AM
beats tour's Gravatar As the title indicates, this is only the first volume of what promises to be a multi-part series.
# Posted By beats tour | 5/8/12 4:36 AM
abercrombie and fitch outlet's Gravatar This is a good post.
# Posted By abercrombie and fitch outlet | 5/8/12 5:18 AM
replica watches's Gravatar If you don't look after your designer watch carefully then you could find that it doesn't last you very long.
# Posted By replica watches | 5/18/12 10:18 PM
nike lunar shoes's Gravatar nike lunar shoes
Barefoot Nike Free Run
Air Jordan 2012
Nike LunarEclipse+
Nike Air Max 2012
Zoom Kobe VI
lunar eclipse nike
Jordan Heels
# Posted By nike lunar shoes | 5/21/12 9:54 AM
rolex replica watches's Gravatar As his car passed? one child appeared? and a brick smashed into the Jag's side door.
# Posted By rolex replica watches | 5/23/12 9:23 AM
iwc replica's Gravatar But, with the Employer Assessment still in place, employers who drop their coverage as the administration and Legislature have been encouraging them to do, will be required to pay the monthly assessment — again, for a Catamount program that no longer exists!
# Posted By iwc replica | 5/31/12 4:50 AM
cheap oakley sunglasses's Gravatar Very insightful. A nice different perspective.
# Posted By cheap oakley sunglasses | 6/6/12 11:29 PM
chanel bags replica's Gravatar He said he thinks all disposable bags are just as damaging as the "single-use" plastic bags.

"Why do we pick on some of them and not all of them?" Evans said.
# Posted By chanel bags replica | 6/14/12 2:39 AM
[Add Comment]
BlogCFC was created by Raymond Camden. This blog is running version 5.9. Contact Blog Owner
House of Fusion | ColdFusion Jobs @ House of Fusion | Fusion Authority