RE: [SLUG] Spam from forms

• Next message: Ken Elliott: "RE: [SLUG] SATA"
• Previous message: Paul M Foster: "[SLUG] Spam from forms"
• In reply to: Paul M Foster: "[SLUG] Spam from forms"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

>> And I can't see how a script from somewhere else could feed data into a
form and then submit it.

It doesn't actually fill out the form. It simply sends a page request that
looks like what you'd get by filling out a form.

If I load your form, fill it out and hit 'submit', your form sends a string
that contains fieldnames and data. If I craft a script that simply sends
the same string, your server will react the same way as a form.

You can get around this by creating a series of image files, and randomly
displaying them on a confirmation page. If it requires a human to read it,
you'll likely get less spam. There are other methods, and I'm sure some of
the sharp folks on this forum will offer solutions.

Ken Elliott

=====================
-----Original Message-----
From: slug@nks.net [mailto:slug@nks.net] On Behalf Of Paul M Foster
Sent: Wednesday, January 31, 2007 7:15 PM
To: slug@nks.net
Subject: [SLUG] Spam from forms

Folks:

I get a copy of every single form that's filled out on the SLUG
website-- New Member Surveys, For Sale items, etc. I'm seeing an increasing
(alarming) amount of repetitive spam coming in from these forms now. I'm
guessing that someone has a bot that's feeding data to these forms, since no
one in their right mind would manually fill in forms like this so many
times.

My question is: how does someone go about doing this? I build web forms all
the time, mostly driven by PHP (as these are). And I can't see how a script
from somewhere else could feed data into a form and then submit it. There
must be something I don't understand about the event model of a web form.
Can someone clue me in?

Paul

--
Paul M. Foster
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS).  Views and opinions expressed in messages posted
are those of the author and do not necessarily reflect the official policy
or position of NKS or any of its employees.
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS).  Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.

• Next message: Ken Elliott: "RE: [SLUG] SATA"
• Previous message: Paul M Foster: "[SLUG] Spam from forms"
• In reply to: Paul M Foster: "[SLUG] Spam from forms"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 15:04:42 EDT