Welcome to WebmasterWorld Guest from 54.145.144.101

Forum Moderators: phranque

Message Too Old, No Replies

How Can I Sort Forum Spam Email

Forum Spam Email

   
12:40 am on Sep 24, 2009 (gmt 0)

5+ Year Member



How can I sift through spam emails to enable me to approve the GENUINE registrations? I have a long list of registered emails waiting for me to activate them. However, a lot of these emails are from gmail, which I believe is a popular address which spammers use.

It is an absolute pain not knowing how to sift out the spam emails from the genuine ones, so I would be really grateful for any advice on how I can do this.

7:27 pm on Sep 28, 2009 (gmt 0)

WebmasterWorld Administrator phranque is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month



weed any act not posted to for about 60 days

assuming you mean new user accounts here.
2:00 pm on Sep 29, 2009 (gmt 0)

5+ Year Member



We integrated an IP geolocation service's api into our forum registration system (20k+ member forum) and can deny all registration attempts from certain countries or proxies. I highly recommend it.
6:34 am on Oct 1, 2009 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I came up with a novel solution that completely got rid of all forum spam registrations and as a happy benefit also seemed to drive the bots away. The problem is that it only works on boards that aren't especially busy or popular.

What I did was simply turn off forum registration altogether. I then redirected the link to register for the forum to lead to a static HTML page I created. On that page it lists instructions to register for the forum (the user simply has to send me an email with a few pieces of information). The email link itself is embedded in javascript and can be changed quickly and easily should the email address get spammed out (so far that address has remained spam free). I then manually register the users.

Why not expand on this idea a bit, which requires JS to run and move the whole form to AJAX?
(If some *major* websites can require JS to register, why can't you?)

####### # ####### # #######

On the Registration Page:

####### # ####### # #######

<head>
<script type="text/javascript" src="http://www.example.com/register.js"></script>
</head>

<noscript>You MUST have JavaScript enabled to Register. Please adjust your browser settings and refresh this page. If you are unable to use JavaScript, please 'do something the tiny percentage of people who actually want to sign up and cannot run JS can do, but a bot can't, like make a phone call?' (Dunno, up to you.)</noscript>

<div id="ClickToRegister" onClick="showForm('LinkClicked');">Click Here to Register</div>

####### # ####### # #######

http://www.example.com/register.js is outlined below:

####### # ####### # #######

function showForm(realClick) {

/* Here's the key I see to making this *way* too much work for most people to bother with writing a bot for: Split the names of the input fields and JUMBLE the response between the php file and the .js file for the names of the input area. The 'real' field names I'm going to use are: VisitorName (= username), FromMailAddress (= email), KeyToLogin (= password) */

var inputField1="Address";
var inputField2="Name";
var inputField3="Key";

/* Make a POST request with "VarName=" + realClick; to 'getfieldnames.php' (or some other server-side script lang) here. */

/* http://www.example.com/getfieldnames.php checks to see if the POST variable matches VarName=LinkClicked, checks to ensure the POST actually came from your website, etc and if everything checks out, echo's "FormMail^ToLogin^Visitor"; */

var phpResult = http_request.responseText;
var fields=phpResult.split("^");

/* Remember:
inputField1="Address"; inputField2="Name"; inputField3="Key";
fields[0]="FormMail"; fields[1]="ToLogin"; fields[2]="Visitor"; */

var realInputField1 = fields[0]+inputField1;
var realInputField2 = fields[2]+inputField2;
var realInputField3 = inputField3+fields[1];

document.getElementById('ClickToRegister').innerHTML = "<form name=\"SignUp\" action=\"\" onSubmit=\"yourProcessingFunctionHere()\">" +
"<input type=\"text\" name=\"" + realInputField1 + "\" />" +
"<input type=\"text\" name=\"" + realInputField2 + "\" />" +
"<input type=\"password\" name=\"" + realInputField3 + "\" />" +
"<input type=\"submit\" name=\"submit\" />" +
"</form>";
}

####### # ####### # #######

Put a 2nd POST to PHP Function to Process the Form Below

####### # ####### # #######

function yourProcessingFunctionHere() {

/* Gather the values of the input fields and make a POST request to formvalidation.php, which passes the names and values of the fields in the form... */

/* If the names do not match, you will know someone either: */

/* A.) Tried to assemble your JavaScript and get the names for the form fields from there. */

/* B.) Found the php page, somehow made a post and tried to get the names of the form fields from there. */

/* C.) Just made something up, because the names I used are non-standard. */

/* The only way I can see to get the right names for the fields is to actually both parse the JS, and POST to the PHP, because to get the right names for the fields they have to put both together. (It means unless you've got a really advanced bot you probably can't automate signing up.) */
}

####### # ####### # #######

I wrote for basic readability and understandability, and of course this is a non-working, and definitely not a copy / paste example. I hope it gives you some ideas, because it's really tough to get past the methods of this one since you have to be able to both parse the JS, and POST to the PHP just to get the fields you need to submit the registration... You can also change any of it to 'unique to you' easily.

####### # ####### # #######

12:50 pm on Oct 7, 2009 (gmt 0)

5+ Year Member



Yup that nuked one of my aliases from 2002!
1:28 am on Oct 31, 2009 (gmt 0)

5+ Year Member



Why are you even doing manual authentication? There are so many ways to combat spam registrations and emails.
This 35 message thread spans 2 pages: 35
 

Featured Threads

Hot Threads This Week

Hot Threads This Month