Like many of us, I have been plagued with spam that has bypassed both my BT & Mcaffee filters.

I installed Tectite Formail & set up the AT_MANGLE function but this did not stop them. I have upgraded to using an INI file for email addresses & still they get through. Intriguingly, they all originate from gmail.com.

http://castingimage.com/forms/form_contact.htm

I am reluctant to introduce CAPTCHA to the form, as it is not an autoresponder & I personally find it a difficult process to deal with. I am concerned with losing clients.

I have read there are other alternatives: reverse captcha & something to do with permanent+blank fields. Can anyone advise how I may improve security without image verification?

Thanks,

John

...the reason I made this posting was because I could not find the relevant information at the time. Now I think I have:

http://www.tectite.com/fmdoc/attack_detection_reverse_captcha.php

Hi,

AT_MANGLE and INI files are about protecting your email address from spambots.

INI files are perfect at this.

However, once a spammer has your email address, they can use it until you delete it.

FormMail cannot affect email spam sent directly to your email address because it's not involved in that process. It also can't remove your email address from spammers once they have it.

There are 2 vectors for spam (ways spammers send you spam):
Directly to your email address. FormMail cannot help with this.
Via your form processor. FormMail can do a whole lot to stop this.As mentioned, FormMail has features to protect your email address, but that doesn't mean the spammers haven't already got it or they've got it some other way unrelated to your form.

So, the first thing you need to do is to figure out which vector the spam is coming from.

If it looks like a form submission then, it's probably vector #2. Otherwise, it's probably vector #1.

Your only option with #1 is to delete your email address and start with a new one that you protect very carefully in the future (or use a spam filter, which you've already found doesn't work, and has the problem of blocking some valid emails).

With #2, FormMail has a lot of automated features that can detect and block spam. Some of these are enabled by default and protecting you to some extent now.

You should try to analyze the type of spam (what it looks like) and use the appropriate FormMail features to block it.

Check out these features, which need to be configured to work:
http://www.tectite.com/fmdoc/attack_detection_junk.php
http://www.tectite.com/fmdoc/attack_detection_many_urls.php
http://www.tectite.com/fmdoc/attack_detection_many_url_fields.php
http://www.tectite.com/fmdoc/attack_detection_reverse_captcha.php

Thank you. This is exactly what I needed to know.

As most of the spam contains two URLs I have tried the softer ATTACK_DETECTION_MANY_URLS configuration. This seems to have worked ...for now!

Greetings:

I realize this thread is old and I only hope you may be able to help?

As a website designer I too face the problems associated with SPAMMERS! Although Akismet (http://akismet.com/) screens out 90% of spam through the Wordpress platform, I have yet to find a reliable resource for webmail applications.

Just looking for a reliable and yet affordable solution...

~Scott

Since my last posting, I have kept up to date with the latest Tectite releases & upgraded other spam filters. I have a McAfee filter & one provided by my ISP. Both of these are set above the default settings.

Unfortunately, the level of spam continues to increase. I now even permit my ISP filter to delete them on the server but I still get about 200 on some days!

Changing email addresses it not an option if you have spent years building up a client & prospect list who contact you via that address.

I have yet to install a CAPTCHA element to my forms (as I have always felt this deters genuine responses) but as these become a more common feature of the internet ...I think my clients are ready for the upgrade!

If any spammers are reading this: I am not interested in your Viagra, dodgy watches or p**** enlargement offers...

Hi,

It's a good idea to distinguish between direct email spam and spam received via a form submission.

FormMail can't do anything about direct email spam if the spammers already have your email address.

But, if you're receiving spam via your forms, then you can almost certainly block 99+% of it using FormMail's anti spam features, without resorting to using Captcha.

If any spammers are reading this: I am not interested in your Viagra, dodgy watches or p**** enlargement offers...
lol!
I have erred on the side of caution and always implement a CAPTCHA element to my forms. I personally don't think it is too much of a deterrent for people who wish to provide a response... Frankly, I think most people are becoming used to this element as a matter of practice?

...as I mentioned, I would agree with you on the CAPTCHA issue now.

It is also true that most of my spam is direct mail (although I do get some form spam, usually from forms I have yet to update). I felt my response was answering your query, even if I did not stick strictly to formmail spam.

Thanks.

I'm still waking up and the caffeine has yet to take full effect.
Thanks for your response, and have a GREAT day!

Does formmail have a block by IP? I am currently recieving spam via form submisssion which is invoking the Formmail Script Error.

I know the spam is currently coming from an IP address in Russia - I don't require the ability for communication with persons in Russia, so I was wondering if there is a method for banning by IP?

Hi,

Have you looked at these settings:
http://www.tectite.com/fmdoc/alert_on_user_error.php
http://www.tectite.com/fmdoc/attack_detection_ignore_errors.php

FormMail doesn't have a block on IP, but you can do this easily with Apache using .htaccess.


<Limit POST>
order allow,deny
deny from 89.149.202.152
allow from all
</limit>