June 30, 2007
Web forms are now a routine target of spammers. Whether your web site is a personal one just looking for feedback or a commercial site generating sales leads, getting dozens of entries for link exchanges or online gambling sites isn’t anyone’s idea of useful feedback.
It can be really disturbing when you start getting lots of useless SPAM through the web form on your site.
Is there something we can do about it?
Luckily, the answer is yes.
I found a few interesting articles.
Check the value of HTTP_USER_AGENT: if it is empty, that means the request is not from any browser.
Simple, but powerful: add an extra text box to the form but make it invisible using CSS, then check in your server script whether the text box has any value. If the text box has a value in it, that means it is not a regular user’s input.
The demo page is here
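Both checks combined in one form handler, as an added example that is not code from the articles mentioned above. It assumes a Python WSGI handler (where the header arrives as `HTTP_USER_AGENT`); the honeypot field name `website`, the in-memory `SAVED` list and the `submit` helper are hypothetical.

```python
import io
from urllib.parse import parse_qs

HONEYPOT = "website"  # hypothetical name for the extra text box
SAVED = []            # stand-in for a real datastore

# The extra box is hidden with CSS (not type="hidden") and kept out of tab order/autofill.
FORM_HTML = """<form method="post" action="/feedback">
  <input name="name"> <textarea name="message"></textarea>
  <div style="position:absolute; left:-9999px" aria-hidden="true">
    <input name="website" tabindex="-1" autocomplete="off">
  </div>
  <button>Send</button>
</form>"""

def spam_reasons(environ, fields):
    """Return the reasons a submission looks automated (empty list = accept)."""
    reasons = []
    if not environ.get("HTTP_USER_AGENT", "").strip():
        reasons.append("empty-user-agent")
    if any(v.strip() for v in fields.get(HONEYPOT, [])):
        reasons.append("honeypot-filled")
    return reasons

def app(environ, start_response):
    """WSGI feedback handler: serve the form on GET, screen every POST."""
    if environ["REQUEST_METHOD"] != "POST":
        start_response("200 OK", [("Content-Type", "text/html; charset=utf-8")])
        return [FORM_HTML.encode()]
    cl = environ.get("CONTENT_LENGTH", "")
    length = min(int(cl), 65536) if cl.isdigit() else 0  # cap the body size
    body = environ["wsgi.input"].read(length).decode("utf-8", "replace")
    fields = parse_qs(body, keep_blank_values=True)
    reasons = spam_reasons(environ, fields)
    if reasons:
        # Log server-side, but reply exactly as for a real post.
        environ["wsgi.errors"].write("dropped form post: %s\n" % ",".join(reasons))
    else:
        SAVED.append({k: v[0] for k, v in fields.items() if k != HONEYPOT})
    start_response("200 OK", [("Content-Type", "text/plain; charset=utf-8")])
    return [b"Thanks for your feedback."]

def submit(body, user_agent=""):
    """Drive app() with a constructed POST; returns (reply bytes, log text)."""
    raw, log = body.encode(), io.StringIO()
    environ = {"REQUEST_METHOD": "POST", "CONTENT_LENGTH": str(len(raw)),
               "wsgi.input": io.BytesIO(raw), "wsgi.errors": log}
    if user_agent:
        environ["HTTP_USER_AGENT"] = user_agent
    return b"".join(app(environ, lambda status, headers: None)), log.getvalue()
```

These checks only screen out simple scripts, so treat them as a first filter in front of whatever moderation or rate limiting the form already has.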
November 26, 2006
A cool article from Rediff.com
1) Try not to display your email address in public:
This includes newsgroup postings, chat rooms, Websites and online services membership directories. You may want to opt out of member directories for your online services — spammers use them to harvest addresses. Also, disguise your email address when you post it to a newsgroup, chat room, bulletin board, or other public web pages. For example, use ankurjain_del AT rediffmail DOT com. This way, a person can interpret your address, but the automated programmes spammers use often cannot.
See if it allows the company to sell your address. You may want to opt out of this provision, if possible, or not submit your address at all to Websites that won’t protect it. Also, look for all the check boxes that have been checked by default while you fill and submit any form.
3) Use two email addresses:
Try to use two email addresses — one for personal messages and one for newsgroups and chat rooms. You also might consider using a disposable email address service — this can be a separate email address that forwards mails to your permanent account. If one of the disposable addresses begins to receive spam, you can shut it off without affecting your permanent address.
4) Use a unique email address:
Your choice of email addresses may affect the amount of spam you receive. Spammers use ‘dictionary attacks’ to sort through possible name combinations at large ISPs or email services, hoping to find a valid address. Thus, a common name such as ankurjain may get more spam than a more unique name like a11nkur2006jain. Of course, there is a downside — it’s more difficult to remember an unusual email address.
5) Use an email filter:
Check your email account to see if it provides a tool to filter out potential spam or a way to channel spam into a bulk email folder. You might want to consider these options when you’re choosing your Internet Service Provider. Do your part by keeping your junk email filter up-to-date.
6) Never hit the ‘REMOVE’ button:
Most spam mail you receive contains a line that says ‘Reply with subject line as UNSUBSCRIBE to remove your email address from our mailing list’. When, in fact, you reply to unsubscribe, what happens is that you simply verify you have a valid email address. As a result, you get even more spam instead of getting removed from the list.
Some spam relies on generators that try variations of email addresses at certain domains. If you click a link within an email message or reply to a certain address, you are only confirming your email address is valid. Unwanted messages that offer an ‘unsubscribe’ option are particularly tempting, but this is often just a method for collecting valid addresses that are then sent other spam.
Take, for example, the URL http://grz67.com/track/rd/3964715/5751/23643/1934. This URL contains a tracking ID that will be mapped to your email ID in the site’s database. The spammers would be sending you email with this URL behind the link. Whenever the user accesses this URL, the spammer can be sure the email address associated with this tracking ID is a valid one.
Many people have documented the fact that not only do ‘Remove’ lists not work, they verify to the spammer that your e-mail address is good. The spammer then puts it on a premium CD and sells it to the next spammer for even more money.
7) Be responsible and considerate as a user:
We ourselves promote spam in some way or the other. Some people consider email forwards a type of spam, so be selective with the messages you redistribute. Don’t forward every message to everyone in your address book. If someone asks that you not forward messages to him or her, respect their request.
8) Keep your antivirus programs updated:
Spam is a cat-and-mouse game, with spammers working relentlessly to outwit the filters. There have been some viruses reported, which help in spamming by sending a pre-set mail to all your Outlook contacts using your email address. When the recipients open their mail, their system also gets infected and mails are sent from their system to all the contacts in their address books. So, by keeping your antivirus programme updated, you can detect these viruses, stop their entry into your computer and prevent spamming from your mailbox.
June 25, 2006
There is an interesting survey about Spam servers. CipherTrust Research concludes that of all spam servers:
64 percent are located in Taiwan;
23 percent are located in the United States;
and three percent are located in China.