-1

What is the most secure way to fight spam? Any algorithm?O r way to fight back spammers?

yivi
  • 42,438
  • 18
  • 116
  • 138
kim edgard
  • 926
  • 2
  • 9
  • 15
  • 6
    Shoot the bastards. But a more practical answer is impossible without knowing a bit more about the problem - do you mean in user-submitted content? Incoming email? Something else? How do your current spam problems manifest? How do you authenticate currently? – symcbean Jun 15 '10 at 11:36

3 Answers3

8

Get a captcha dude, it's probably the best way to defeat spam. Here is a great one called reCaptcha. It's pretty easy to integrate with PHP and is mighty effective. Here is how you do it.

Sam Becker
  • 19,231
  • 14
  • 60
  • 80
1

3 simple methods that I use on my employer's website contact form that really help out:

  1. Set a serverside timestamp when the contact page loads, and check the time again when it posts. If your form was submitted in under 5 seconds (or whatever minimal time is reasonable for your form) then you know its a bot since humans aren't that fast.

  2. Check for multiple tag types in the message. Much of spam we see spam tries to mix html and bulletin board style tags, so you get <a> and [url=] [link=] in the same message, this is an easy to check red flag

  3. Create a hidden text input field called email and name the visible email field something different. Human visitors won't see that field, so if it has a value its a bot(technically could be a blind person with a screen reader but highly unlikely)

WebChemist
  • 4,393
  • 6
  • 28
  • 37
  • Maybe i'm wrong, but I don't think Auto Fill would work then. Because it would be putting your email in the email field therefore automatically marking your submission as spam. – RugerSR9 Mar 12 '15 at 17:07
  • Thats a totally plausable scenario, especially since different autofill plugins would vary in how they were programmed, but in over 5 years of using these techniques Ive never had a false positive on a legitimate contact submission for this reason. Very seldomly I'll see false a positives for people with weird browser settings that wont keep the session so the timestamp comparison fails. – WebChemist Mar 13 '15 at 01:41
1

Mollom is a more user-friendly alternative to reCaptcha. It can be set to only require CAPTCHA validation if the content of the submission looks "spammy", so it doesn't interfere with users entering safe submissions.

Mike Eng
  • 1,593
  • 4
  • 34
  • 53