
INI file issue



a2rbnud
04-Apr-2007, 01:56 AM
Hi,

I recently implemented Formmail ver 7.14 and used the INI file to hide my "send to" email from spammers. I placed the formmail.ini file into the /_private folder so it can't be seen by humans or read by bots. I also created a brand new, never used email address for use in the INI which does not use any "catch all" features. Nowhere in my website does the new email address appear. The install tested great, but within the hour I started receiving porn spam. How could this be if a bot cannot access the INI file containing the address?

Thanks In Advance For Any Insight.

russellr
04-Apr-2007, 05:07 AM
Hi,

What sort of spam? Is it direct email or spam submitted via the form?

If it's direct email, then I think the possibilities are:

1. The _private folder isn't protected. Can you open the INI file via a browser?
2. The email address you used is something that could be guessed. Spammers often just send to common names in the "hope" that such an address exists.
3. If you're on a shared hosting system, perhaps someone has logged into the computer via Telnet or SSH and just grabbed the email address directly out of the INI file.

a2rbnud
04-Apr-2007, 07:57 PM
Thanks for your earlier reply,

It's submitted via the form I guess. It includes form information like name, email address (bogus), and message body. The body contains the same set of porn related links each time. Seems like an awful lot of work for such a small gain.

1. The _private folder is secure. Can't see the INI from a browser, unless you securely logon.

2. The email receive address is: registerme@ , not terribly common.

3. No shared hosting, no one else has access.

Thanks Again,

russellr
04-Apr-2007, 08:22 PM
Hi,

If it's form spam, then they haven't got your email address....they're just submitting bogus forms.

Upgrade to version 7.15 and enable the ATTACK_DETECTION_MANY_URLS and/or ATTACK_DETECTION_MANY_URL_FIELDS settings.

You need to read about these settings to some extent before setting them. Read the documentation above the settings.
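
Added example, not part of the original thread and not FormMail's own code: a sketch of a URL-count heuristic of the kind the two setting names above suggest, rejecting a submission when one field carries too many links or when links appear in too many fields. The thresholds, function names and sample submissions are constructed for illustration, and the reading of what each setting measures is an assumption.

```python
import re

# Hypothetical thresholds for this sketch; they are not FormMail's defaults.
MAX_URLS_PER_FIELD = 2    # more links than this in one field is suspicious
MAX_FIELDS_WITH_URLS = 1  # more fields than this containing links is suspicious

# Matches explicit http(s) links and bare "www." hosts.
URL_RE = re.compile(r"(?:https?://|\bwww\.)[^\s<>\"']+", re.IGNORECASE)


def count_urls(value):
    """Return the number of URL-like tokens in one submitted field value."""
    return len(URL_RE.findall(value or ""))


def check_submission(fields, max_urls=MAX_URLS_PER_FIELD,
                     max_url_fields=MAX_FIELDS_WITH_URLS):
    """Return (allowed, reasons) for a dict of form field name -> value."""
    reasons = []
    fields_with_urls = []
    for name, value in fields.items():
        n = count_urls(value)
        if n:
            fields_with_urls.append(name)
        if n > max_urls:
            reasons.append(f"field '{name}' has {n} URLs (limit {max_urls})")
    if len(fields_with_urls) > max_url_fields:
        reasons.append(f"{len(fields_with_urls)} fields contain URLs "
                       f"(limit {max_url_fields})")
    return (not reasons, reasons)


# Constructed sample submissions (reserved example domains only).
LEGIT = {"name": "Pat", "email": "pat@example.invalid",
         "message": "Please send a quote. My site is www.example.com"}
LINK_DUMP = {"name": "Bob", "email": "bob@example.invalid",
             "message": "http://a.example/1 http://b.example/2 http://c.example/3"}
SPREAD = {"name": "http://a.example", "email": "x@example.invalid",
          "message": "see http://b.example"}

if __name__ == "__main__":
    for label, sub in (("legit", LEGIT), ("link dump", LINK_DUMP),
                       ("spread", SPREAD)):
        allowed, why = check_submission(sub)
        print(label, "ACCEPT" if allowed else "REJECT", why)
```

Rejected submissions are worth logging with the reason, since a legitimate enquiry that quotes a few links looks the same to this check as the repeated link dump described in the thread.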

a2rbnud
06-Apr-2007, 05:50 AM
Thanks Russell,

I changed the ATTACK DETECTION MANY section and it halted the spams.
You've got a great product.

Thanks Again

enicola
11-Apr-2007, 03:32 PM
you should add the image verify CAPTCHA too, that can get rid of form abuse by spammers.

a2rbnud
11-Apr-2007, 04:22 PM
I did add CAPTCHA, and it worked great in testing. The website owner thought it would annoy potential clients. He may have me implement it in the future if the porn link issue resurfaces, but since the spam has dropped to zero, he's holding off.

Thanks,

Roger

enicola
11-Apr-2007, 04:58 PM
i edited my CAPTCHA just to have 4 characters with a smaller neater box, also with the noise away from the characters, so not to annoy visitors so much but still implement it for a little added security.