Re: Spammers and my form

From what I've seen, one of the most reliable ways of ensuring that a human is filling out a form and not a bot is to have one of those warped, ocr-proof images which display a word that the user has to enter into a text field. If you've never seen it before, register a bogus account on Yahoo. If I remember correctly they use that.

Of course, keep in mind that that is not completely spam-proof. I have seen code that will read words from those images. However, it is very unlikely that the people spamming your site know about that, or are willing to put the effort into implementing it.

The other possibility, which is more effective and easier, is to have every upload mail the admin before it can be activated. When you get 20 requests in a row from spampot.np you can ignore them.
Benefit: you have full control over your system.
Drawback: you have to keep on authorizing uploads.

Update: As Abigail-II pointed out, the text-in-image thing is not exactly uber-Accessible (in the 'I'm impaired and I need access' sense). So, rather than use the gimmick, I'd say go for the admin mail. It's a simple enough system to implement, and its simplicity contributes to its effectiveness.

LAI

__END__

Comment on Re: Spammers and my form Download Code

Replies are listed 'Best First'.
•Re: Re: Spammers and my form by merlyn (Sage) on Apr 28, 2003 at 19:59 UTC
From what I've seen, one of the most reliable ways of ensuring that a human is filling out a form and not a bot is to have one of those warped, ocr-proof images which display a word that the user has to enter into a text field. If you've never seen it before, register a bogus account on Yahoo. If I remember correctly they use that. Yes, I have the code to do that in one of my columns, and code was posted here by jcwren to spoof it, because I didn't work very hard at making it OCR-proof. {grin} -- Randal L. Schwartz, Perl hacker Be sure to read my standard disclaimer if this is a reply.	[reply]
Re: •Re: Re: Spammers and my form by LAI (Hermit) on Apr 29, 2003 at 13:03 UTC
I figured I had probably read it in one of your columns, but I was too bogged down with RL work at the time to do a search. Thanks for the clarification and links :o) LAI `__END__`	[reply] [d/l]
Re: Spammers and my form by Abigail-II (Bishop) on Apr 28, 2003 at 21:53 UTC
You would also very effectively lock out blind users. Depending on your jurisdiction and the service you provide, you may actually violate a law doing so. Abigail	[reply]