
Thread: junk email attacks

  1. #1
    Join Date
    Aug 2009
    Posts
    10

    junk email attacks

    I updated to the new version 8.16 of formmail, which has junk email detection features. I have been subject to this kind of attack in the past and devised a solution of my own which works quite well, and I have never been bothered by form spam since I implemented it.

    The form spammers look for input fields and fill them with junk. Sometimes it is the same in every field, which can be detected by formmail, but if it is not the same junk, it gets through. My solution is to add an input field which has its value set to a randomly generated value. The field is made invisible to a user by using CSS to position it off screen and setting the tabs to skip it. I set the action to a php program which checks for that 'Key' value before invoking formmail.php.
    A form spammer cannot detect that this is not a valid input field and will fill this field with junk, which the key validation program detects and sends back a rude error message.

    I have not been bothered by spammers on any of my websites for months.

    Comments?

  2. #2
    Join Date
    Dec 2003
    Posts
    3,980

    Re: junk email attacks

    Hi,

    That's good information.

    It sounds like a type of Reverse Captcha.

    Do you generate the random value using PHP or JavaScript? I'm guessing PHP, because otherwise how would you pass the value to your PHP checking script?

    FormMail now has ATTACK_DETECTION_REVERSE_CAPTCHA which does something similar.

    We use a minimum of two fields. One field has a known value - so this "proves" that it's not a random attack but one that's come via your form.

    The second field must be empty. So, if a bot fills it in, we know it's not a human that has filled the form.

    Other fields can be included for additional strength, but it's probably not required.

    But, I like your idea of generating a random value that is passed to FormMail for checking.

    The question is: if a bot just left any existing non-empty text field unchanged, would that not defeat your random value technique?

    If you can send me the URL for your form, I'd like to take a look at it in action and run some tests.
    Russell Robinson - Author of Tectite FormMail and FormMailDecoder
    http://www.tectite.com/

  3. #3
    Join Date
    Aug 2009
    Posts
    10

    Re: junk email attacks

    It's actually not as sophisticated as I implied. The keyword is actually generated by any password generator program and is hardcoded in the value property. It could be generated as a new value on each form submission in which case I would use PHP. However, I haven't seen the need. It is like a form specific password which can be an arbitrarily complex combination of characters, numbers, and special characters.

    The only way I can see of a bot detecting this as a password field is by checking that the tab property skips it. It cannot be a hidden input field as bots are smart enough to not modify them.

    I can see that it could be easily incorporated into formmail.php.

    Ben
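
The gate script discussed in posts #1 to #3, as an added example that is not code from any poster or from FormMail: it combines the known-value field and the must-be-empty field, and generates the known value per page load as an HMAC-signed timestamp so a scraped form stops working after a set lifetime. The field names, secret, lifetime and the `formmail.php` path are assumptions; a bot that leaves the token untouched still has to leave the off-screen trap field empty to pass.

```php
<?php
// Added example, not FormMail code. All names and values below are assumptions.
const GATE_SECRET   = 'replace-with-a-long-random-server-side-secret'; // placeholder
const TOKEN_FIELD   = 'form_key';  // hypothetical: must come back unchanged
const TRAP_FIELD    = 'website';   // hypothetical: positioned off screen, must stay empty
const TOKEN_MAX_AGE = 3600;        // seconds a rendered form stays valid

// Value to place in TOKEN_FIELD when the form page is rendered.
function make_token(int $now): string
{
    return $now . ':' . hash_hmac('sha256', (string) $now, GATE_SECRET);
}

// Returns null when the submission passes, otherwise the rejection reason.
function check_submission(array $post, int $now): ?string
{
    // Trap field: a human never sees it, so any content means a bot filled it in.
    if (!isset($post[TRAP_FIELD]) || $post[TRAP_FIELD] !== '') {
        return 'trap field missing or filled';
    }
    // Known-value field: shows the POST came via a form this server rendered.
    $token = $post[TOKEN_FIELD] ?? '';
    if (!is_string($token) || substr_count($token, ':') !== 1) {
        return 'token missing or malformed';
    }
    [$issued, $mac] = explode(':', $token);
    if (!ctype_digit($issued)) {
        return 'token malformed';
    }
    // Constant-time comparison of the recomputed MAC with the submitted one.
    if (!hash_equals(hash_hmac('sha256', $issued, GATE_SECRET), $mac)) {
        return 'token altered';
    }
    $age = $now - (int) $issued;
    if ($age < 0 || $age > TOKEN_MAX_AGE) {
        return 'token expired';
    }
    return null;
}

// Gate: hand the request to formmail.php only when both checks pass.
if (PHP_SAPI !== 'cli' && $_SERVER['REQUEST_METHOD'] === 'POST') {
    if (check_submission($_POST, time()) !== null) {
        http_response_code(400);
        exit('Submission rejected.');
    }
    require __DIR__ . '/formmail.php'; // assumed location of FormMail
}
```

The page that renders the form would emit `make_token(time())` as the value of the `form_key` input and leave the `website` input empty.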

  4. #4
    Join Date
    Feb 2007
    Posts
    162

    Re: junk email attacks

    I'm just wondering if bots would have cookies enabled. I've been using form tokens with flash sessions, and although I haven't had any spam that looked like it was from a bot, I guess I'm just wondering if the cookie requirement would keep them from having successful posts.

  5. #5
    Join Date
    Dec 2003
    Posts
    3,980

    Re: junk email attacks

    Hi,

    I've seen some evidence of bots using cookies. That's pretty easy to do.

    I've also seen some evidence of bots implementing JavaScript. That's much harder to do.
    Russell Robinson - Author of Tectite FormMail and FormMailDecoder
    http://www.tectite.com/

  6. #6
    Join Date
    May 2007
    Posts
    12

    Re: junk email attacks

    I'm going to try this in my next forms update in the fall.
    I see where you're going with this.. dastardly simple yet effective..

    Maybe I am not using the current spam/junk features properly but it seems that they get through. Always bot generated.. and in the majority I can tell because of all the field one is usually the same in all..

    I'm marking this thread.. I'm sure I'll have more questions when I set this up.
    (subscribed)

  7. #7
    Join Date
    Oct 2009
    Posts
    1

    Re: junk email attacks

    You should be aware that to "stop" spam, a "soft" technique may often be more useful than a "hard" one. It is like a jujitsu technique: instead of blocking spam by interposing directly in its path, it is better to just trip it and let it fall because of its own momentum. In the case of spam, this technique is to allow entry but marginalize (applying HELD), slow down transactions suspected of being spam, respond very slowly during the SMTP dialogue intentionally, and use other similar "soft" techniques.

  8. #8
    Join Date
    Mar 2010
    Posts
    40

    Re: junk email attacks

    Thankfully, Formmail and recaptcha stop the spam from getting into the database.

    I put up my form yesterday and within 15 minutes, I was getting the def_alert emails. Today, I'm getting 10 or more an hour.

    What's with these stupid people behind these bots? I guess the trick is to just eliminate the def_alert email address.

  9. #9
    Join Date
    Dec 2003
    Posts
    3,980

    Re: junk email attacks

    Hi,

    No, don't eliminate DEF_ALERT - that's the only way FormMail can report problems to you.

    You should use these settings to stop the annoying messages:

    http://www.tectite.com/fmdoc/alert_on_user_error.php
    http://www.tectite.com/fmdoc/attack_...ore_errors.php
    Russell Robinson - Author of Tectite FormMail and FormMailDecoder
    http://www.tectite.com/

  10. #10
    Join Date
    Mar 2010
    Posts
    40

    Re: junk email attacks

    Ok, Russell, thanks
