Spammer Getting Through Junk Detection

[Pam]

Please forgive my ignorance on this as most of this is above my head. I have been working on this for several days and am at my wits end. I have had help from my hosting company to get as far as I have in getting this much done.

Here is a sample of the email that is coming through:

email: cialis@cialiscialis.net
realname: Buy Cialis
city: New York
county: USA
state: NY
area_code: 7136
phone_number: 10437256064
number_of_squirrels: ExvbDwKnfFTeSbm
age_of_squirrels: 2rand[0,1,1]
information: generic cialis effectiveness buy cialis generic levitra comprare price cialis generic


Here is how I have the junk detection set up:

\par /* Help: http://www.tectite.com/fmdoc/attack_detection_junk.php */
\par define("ATTACK_DETECTION_JUNK",true);
\par define("ATTACK_DETECTION_JUNK_CONSONANTS","bcdfghjklmnpqrstvwxz");
\par define("ATTACK_DETECTION_JUNK_VOWELS","aeiouy");
\par define("ATTACK_DETECTION_JUNK_CONSEC_CONSONANTS",5);
\par define("ATTACK_DETECTION_JUNK_CONSEC_VOWELS",4);
\par define("ATTACK_DETECTION_JUNK_TRIGGER",2);


I also have reverse captcha set up as well and have tested that and it does work if those fields are filled out.

In the case of this email example though, I would think that 10 consonants would have been caught and stopped, but evidently not as it is still getting through.

Any suggestions and please remember that a lot of this is above my head, so I need coding examples

[crabtree]

define("ATTACK_DETECTION_JUNK_TRIGGER",2);

that says there has to be 2 instances b4 the junk detection will trigger

set it to 1, and that example will be blocked:

PHP Code:

 define("ATTACK_DETECTION_JUNK_TRIGGER",1); 


[Pam]

oh shoot... you are right. I should have seen that one myself. Sorry about that.

I hate to clamp down on these forms that hard, but these guys are leaving me no options. If we could block specific words, this would be easy to fix.

Ok got that fixed and decided to fix another junk detection issue that I have run into which is there are cities and counties in states that have the same name. So I wanted to add "county" to this entry in the script as shown below:

$ATTACK_DETECTION_JUNK_IGNORE_FIELDS = array("email","county");

But it will not work for some reason. When I enter a city and county as the same name, it gets kicked for spam still. What incorrect entry have I made here?