"Contact Us" Spam

[jbarr]

Beginning 17-Feb-2007, I've been receiving spam messages from my "Contact Us" form. They are mostly innocuous, and the return email addresses are sometimes bogus. Obviously, I have to just "trash" these instead of marking them as spam (don't want my REAL feedback to be marked as spam.) It's not that annoying yet, but this could definitely become problematic if it increases too much.

I have seen "captcha" solutions mentioned elsewhere to help combat this, and they seem to be viable.

What are your experiences with this, and how do you suggest combating this?

[dragonrider]

I ended up having to write my own code, complete with CAPTCHA that worked on my Server launched from a get in touch link/page and with a random page name.

Also added a few bits of code to strip any html code out, just in case. So far, so good!

[Beat]

As there has been demand to extend Community Builder Captcha plugin for the joomla contact form, i checked if there were events generated in Joomla 1.0.12 core for a Joomla plugin, but no luck: no events available to add such a function cleanly to core Joomla 1.0.12...

Didn't check yet in Joomla 1.5, but as i understand there should be such a possibility.

(btw: Spam in CB installs has become such an anoyance that we decided to include this plugin into next cb version)...

I think there is a component on extensions site which patches joomla for this, but i don't recommend patches for security reactivity reasons.

[pearlyred]

Hi Beat!

Which parts of the CB install seem to be attracting so much spam?  I've recently installed it onto our site, but haven't made it live yet so haven't been exposed to it yet...

PR

[jbarr]

Without having to install CB (I have no need for it) is there any other solution (maybe a "Contact Us" replacement that includes Captcha?

[FerretLife]

Hi Beat!

Which parts of the CB install seem to be attracting so much spam?  I've recently installed it onto our site, but haven't made it live yet so haven't been exposed to it yet...

PR

One of my sites gets spam through the contact form daily. Annoying. I have tried the form component that Beat spoke of and could not get it to work or look right.

I do have Community Builder installed on that site, and had been getting "spam" registrations, almost daily. I installed their Captcha plugin, worked great!

Now if someone can just work some magic on the Contact Form Component!

[Beat]

Hi Beat!

Which parts of the CB install seem to be attracting so much spam?  I've recently installed it onto our site, but haven't made it live yet so haven't been exposed to it yet...

PR

It's mainly registrations which attracted "spams", a poor trial to get noticed by spammers, as usually site admins delete such registrations anyway. CB 1.0.2 included a few anti-spam measures without hitting accessibility, which slowed down the amounts of spam for a few months, before bots "learned". Captcha plugin is an intermediate measure. Next CB release will include even more sophisticated anti-spam measures.

[pearlyred]

Ah ok.  When I go live I'll probably include something like the myVIPcode mod for phpBB on the registration page.  I used it on my phpbb install and spam registrations went from about 50 a month to about 2 per month, not bad   I'm not all that keen on captcha's.

[muddauber]

Here's some more info from the HoneyPot Project.
I've kept up with them and have a server as a honeypot.
This could be helpful to the Joomla Community:

Monday, QuickLinks helped more people get involved with Project Honey Pot.
Tuesday, we announced we'd begun tracking a new online menace: Comment
Spammers. Today we make good on a promise we made when we first launched
Project Honey Pot more than two years ago: helping you stop spammers before
they even get your email address. In other words, today we launch http:BL.

In short, http:BL is a system where website owners can query Project Honey
Pot's data in order to determine whether a visitor to their site is a known
bad guy. If so, the visitor can be blocked, routed to a CAPTCHA or other
test, or sent directly to a honey pot. The system tracks search engines,
suspicious IPs, known harvesters, and known comment spammers through
Project Honey Pot's vast network of traps installed on websites in over 100
countries around the world. It returns the power over who is allowed onto a
website to the website's owner.

Learn more at:

http://www.projecthoneypot.org/5days_wednesday.php

Built around the existing DNS infrastructure, http:BL takes its inspiration
from traditional DNSBLs -- such as Spamhaus and SURBL -- that have been
used successfully to stop known spammers from connecting to mail servers.
Http:BL extends this same power to website administrators. The basic system
is free and, starting today, it is open to every active member of Project
Honey Pot.

[Kenio]

I have no skills with php nor mysql but i am really upset about comment spammers at my forum...

I was looking for a solution and found Bad Bevaiour for Joomla!:
http://extensions.joomla.org/component/ ... Itemid,35/

It works pretty fine but its database is not up to date so a few spammers get my forums.

I did continue my search and found Project Honey Pot:
http://www.projecthoneypot.org

Obviously, it looks like a final solution but i have not experiencie to code a bot for joomla.

Finally, totally freak with the spam, I decided to try including some lines to my INDEX.PHP and amazing it works.

I copy and paste the lines i put at the very top of my index.php in order to pray for help to get those lines into a proper structure for a mambot:
----------
// My http:BL key
$apikey = 'YOUshouldPUTyourOWNkeyHERE';

// IP to test : your visitor's
$ip = $_SERVER['REMOTE_ADDR'];

// build the lookup DNS query
// Example : for '127.9.1.2' you should query 'abcdefghijkl.2.1.9.127.dnsbl.httpbl.org'
$lookup = $apikey . '.' . implode('.', array_reverse(explode ('.', $ip ))) . '.dnsbl.httpbl.org';

// check query response
$result = explode( '.', gethostbyname($lookup));

if ($result[0] == 127) {
    // query successful !
    $activity = $result[1];
    $threat = $result[2];
    $type = $result[3];
   
    if ($type & 0) $typemeaning .= 'Search Engine, ';
    if ($type & 1) $typemeaning .= 'Suspicious, ';
    if ($type & 2) {
$typemeaning .= 'Harvester, ';
$kurl="http://www.inosanchez.com/stopspam.php";
header("location:$kurl"); }
    if ($type & 4) {
$typemeaning .= 'Comment Spammer, ';
$kurl="http://www.inosanchez.com/stopspam.php";
header("location:$kurl"); }
    $typemeaning = trim($typemeaning,', ');
}
----------
The only thing you need is a Honey Pot Key, don't worry it is free, and you can get it from:
http://www.projecthoneypot.org/httpbl.php

Those lines are working great but i'm totally sure they should not be placed like i did nor where i did.

Any guides or help to make a bridge of Honey Pot with Joomla! will be really apreciatted.

Thanks in advance for your help.

[dbuch]

I found a number of different ways to use honeypot but did not see any mention of adding this code in pages. Where did you find this and what is it doing exactly?

David

[Kenio]

When you add this code into index.php it will search for your visitors IPs at Honey Pot Database, if it finds a match as Harvester or Comment Spammer it should redirect the visitor to a Honey Pot Trap. Actually, i added a few more lines to caught even suspicious IPs.  It works, but i know this is not the right way to get Honey Pot into Joomla.  A mambot will be the right solution but I have no skills to develope it.

I found the info for those lines at http://www.projecthoneypot.org/httpbl_api.php

Any help to get those lines into a mambot will be very helpfull.

[dbuch]

So are you running this as well as bad behavior? How successful has this been for you?
David

[dbuch]

Hello Kenio,

Your code has links to http://www.inosanchez.com/stopspam.php. Where do I get that file? And how can you tell that it is working?

At the moment i have the aheadoccasional.php in the public html directory and your code in index.php. Should I do both?

David

[toubkal]

Obviously this thread has begun to look at some more serious methods of preventing contact form spam, but I thought it worth mentioning that I stopped the vast majority of the spam that I was receiving, simply by adding a few words into the banned words parameter of the contact form menu item parameters.

For those who do not wish to implement a code based solution, it may be worth drawing your attention to the banned word parameter as a very simple first step to try.

[Kenio]

dbuch, I was using both:  Honey Pot and Bad Behaviour... I quit Bad Behaviour because it has no way to supervise what it's doing.  You should get into phpMyAdmin to see what Bad Behaviour is banning and i rather not touch anything there to prevent a mess, i just have no skills at all with mysql.

I know Honey Pot is working because you actually can look at http://www.projecthoneypot.org/bsc_X19t ... UmX19ieT0x to see which IPs marked as Comment Spammers were caught in my trap and http://www.projecthoneypot.org/bsh_X19t ... UmX19ieT0x for Recent Harvesters caught.

http://www.inosanchez.com/stopspam.php is my trap, is a file that Honey Pot creates for each website in order to detect spiders or bots trying to spam your site.  You can create your own trap at http://www.projecthoneypot.org/manage_honey_pots.php

Just remember, in case you want to ad those lines to your index.php you must replace your own key at:
$apikey = 'YOUshouldPUTyourOWNkeyHERE';
You can get your own key at:  http://www.projecthoneypot.org/httpbl_configure.php

You do not need to create your own trap but you must create your own key because sharing of Access Keys with other users is forbidden by the Project Honey Pot Service Agreement.  You can keep the link to my trap or change it to yours.

I sugeest you to create your own honey pot (trap), upload it to your site.  Creates invisible links to your trap (just for spiders not to humans, more info at http://www.projecthoneypot.org/linking_instructions.php ), create your own key and then insert those lines to your index.php

Just take a full tour at http://www.projecthoneypot.org and read, read till death...

[PakWaan]

I have found that adding the words "http" and "www" in the banned words list for both the banned subject and banned text list eliminated all of the spam - it won't let anyone type in a web address on the contact form, and then it does them no good to send you anything.

[muddauber]

Great idea PakWaan! And easy to implement. Thanks Kenio on the Honeypot info and links.
I'll check that out.

I know the problem exists and we need to continue to come up with solutions to
make our sites useful and not exploited.
Has it actually given you information that will help you block problems?

[wildside]

Hi all,

I found this topic whilst searching for ways to avoid spam to my Joomla! sites through the contact forms. and used the advice to add "http" and "www" to the banned words...

Spam stopped immediately...But... So did all other mail from the contact form.. On checking this I am getting the message "your email contained banned words" every single time even if the banned word is not in the list set in the parameters...

If I remove all the words from the settings and save I can then go to the front end and use the contact form... If there is a word in the banned word area of the contacts parameters then no emails at all are sent... It doesn't seem to matter if the banned word is written in the contact form or not...

Could anyone else confirm this? Right now I have removed my banned word list and am open to spam again...

Clive

[PakWaan]

I used the advice to add "http" and "www" to the banned words...Spam stopped immediately...But... So did all other mail from the contact form..

That's strange. It works fine for me on 1.0.15, I get mail from the site almost every day.

[wildside]

Hi all,

Sorry, I am in the wrong board as I am running 1.5.4 version...

Clive