Welcome to WebmasterWorld Guest from 100.26.182.28

Forum Moderators: mack

Message Too Old, No Replies

Preventing E-Mail Spam

mailto e-mail inviting spam?

     
10:47 am on May 21, 2006 (gmt 0)

New User

10+ Year Member

joined:Mar 4, 2006
posts:27
votes: 0


I currently have a few web sites running and bulding nicely but as they do I am getting more and more spam mail. I can only presume that this has been picked up by some sort of 'spam bot' collecting addresses from my mailto code which I have for things such as 'feedback' 'webmasters' and 'contact' etc.

My sites have only been live for three months now and I am already getting around 30 spam e's a day (along with the odd virus). Is there a way of limiting or stopping this without removing the mailto facility?

Many thanks

Steve

4:58 pm on May 21, 2006 (gmt 0)

Moderator This Forum from GB 

WebmasterWorld Administrator mack is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:June 15, 2001
posts:7844
votes: 93


I have stopped using the mailto link for all site contacts, it was just to easy to abuse. You can try using a JS link for your mailto link, but even that is not 100%.

What I now do is use a feedback form that allows the user to submit their information using a web form. The form data is then sent to my email address, but the sender is never able to find out my email address. It is all handled on the server side.

I actually find this is better for collecting genuine feedback. I think users are not sure about using mailto links because in doing so they are giving away their own email details.

Mack.

7:52 pm on May 21, 2006 (gmt 0)

Preferred Member

10+ Year Member

joined:June 6, 2003
posts:395
votes: 0


Ditto, my spam has been kicked in the 00's since I got rid of the mailto: links. Anything that isn't in my contact white list or from the form goes right to trash.
8:12 pm on May 21, 2006 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Feb 12, 2003
posts:1208
votes: 0


There are numerous ways of hiding your email address, but they all have a downside. For forms, one thing that irks me is that I usually don't get a copy of what I sent. Had I been able to mail with my mail client then I'd have a copy in my Sent Mail folder. I could also cc: myself to remind me to follow up on the message if I don't hear from the people I'm writing to.

I enumerated the various downsides of the various methods here: [webmasterworld.com...]

8:18 pm on May 21, 2006 (gmt 0)

Junior Member

10+ Year Member

joined:July 19, 2003
posts:99
votes: 0


Plenty of spammers fire emails at

info@yourdomain.com
webmaster@yourdomain.com
etc
etc

Anything that arrives in a catch-all mailbox.

9:24 pm on May 21, 2006 (gmt 0)

Preferred Member

10+ Year Member

joined:May 24, 2005
posts:554
votes: 0


Actually what is getting me at the moment is someone, spamming others with my domain address...

So I receive all these bounced rejections from people, and I'm not sending the mail.. why would someone spam people using blahblah@mydomain.com ...

it's driving me mad ..

10:27 pm on May 21, 2006 (gmt 0)

Moderator This Forum from GB 

WebmasterWorld Administrator mack is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:June 15, 2001
posts:7844
votes: 93


It's quite common for people to find exploits in contact forms. It is possile to send spam using some scripts. You need to be very carefull and make sure you validate all fields.

Mack.

12:26 am on May 22, 2006 (gmt 0)

Preferred Member

10+ Year Member

joined:May 24, 2005
posts:554
votes: 0


I understand that and as a general rule I no longer use cgi ..

but one of the domains this is happening with is simply a parked domain, no site, no content..

I can't see the benefit or purpose of bombing people with my domain when there is no 'return of spam'..

:-) a new 3 letter acronym ... ROS ...

7:45 am on May 22, 2006 (gmt 0)

New User

10+ Year Member

joined:Mar 4, 2006
posts:27
votes: 0


Thanks for the advice everyone, looks like I'll have to follow your example Mack and switch to a script. It makes you wonder how the big web sites with mailto cope with the spam issue.

Lobo; maybe you could add a line to your robots.txt - spambots no ROS. :)

11:04 am on May 22, 2006 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Nov 13, 2004
posts:1425
votes: 0


I still use mailto: on a few internal pages, silly me.
Yes I get spam, but not so much lately, and Norton-Gaffy cans most of it.
Quite often, I have spammers trying to worm their way into my form-mail files.
Those always go 404, easy to spot, because I have no such files. -Larry
12:02 am on May 24, 2006 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Feb 12, 2003
posts:1208
votes: 0


When spammers use your domain as their return address it's called a Joe Job. To filter out all the bounce messages you can learn procmail and write a procmail filter. That's what I did.
12:28 am on May 24, 2006 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Sept 19, 2000
posts:2501
votes: 27


It boggles the mind that mankind created the pyramids, put a man on the moon, figured out how to transmit photos and text electronically and have built airplanes which can break the sound barrier ... but we can't seem to beat spam!

The man or woman who manages to put a stop to the practice of e:mail spamming will become a very, very wealthy person!

12:54 am on May 24, 2006 (gmt 0)

New User

10+ Year Member

joined:Apr 8, 2006
posts:36
votes: 0


Hi, triangulum.
When you switch to a form instead of a mailto link, be sure that your script makes all the checks necessary for avoid being abused. There are many robots out there looking for 'formmail' type scripts to use them for sending spam mail. (BTW: 'formmail' is the name of a popular script written by Matt Wright.)
Good luck.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members