While this posting has nothing to do with SmarterMail, it's about junk email being posted on a website's feedback form. In my case, this email contains nothing but a bunch of links to other websites. And, the problem is getting worse.

However, I don't know if these sick minds are manually posting it (actually visiting my website) or if there is some program automatically doing it. In either case, I asked HMS to block the IPs responsible (81.177.14.X and 81.177.15.X) but that only helped, some of these IPs are still getting through. And now, more sickos are doing the same thing.

Since all entries come from my root, there isn't anything to filter... therefore, lest I miss some legitimate feedback, I have no choice but to open each one. If I don't find a solution (since blocking IPs isn't working well enough), I might just decide to get rid of my feedback form. Any suggestions?

I just don't understand these people... do they actually think I would click these links? Do they actually think I would respond to an email that purposefully misspells a word to slip by the filters? These are dishonest tactics... why do business with someone slimy?

A large part of this junk email problem is due to all the email addresses made available... no one person should need more than a couple.

Allen,
I am sorry to hear this is happening. Do you by any chance have CF installed on your plan? If so, an easy solution would be to do this:
1). Change the name of the script that processes the form. ( make the name difficult to guess, and also, the bots might still remember the old url)
2). Convert the form to a CFFORM with flash, so the bots can't find the url to post to
(They can't read flash files, and even if they had MM's search SDK, they would still not read where to post to)
thanks,
Ben
As an aide: you could also deploy a CAPTCHA in any language, but that is more intrusive.

Thanks comprug... I didn't know bots could do this. In that case, changing the name of the script aughta work. I'll first see if it's possible on FrontPage's form (I know nothing of Cold Fusion... yet).

Allen,
I apologize in that simply changing the name won't work for that long. While it may save you for a week or so, the bots will recrawl your page, and find the new URL to where to send the data. Unfortunately, the only non-intrusive way I'm afraid would be using Flash or DNS. DNS would be harder to implement. As I learned, as long as the URL of the script is visible in the HTML, the bots will find it, and send data to it. By using Flash, the URL won't be visible. Because CF is made by Macromedia, it can generate flash forms on the fly. Is the site you are having trouble with the site in your signature? If so, maybe I can take a look at the HTML and see what you can do. Another solution would be to use Javascript, but some bots might be able to understand it in the near future, unless of course you do complicated obfuscation, and some other stuff not possible in Front Page.

No problem and yes, it's the same website below. Please feel free to check it out. Incidently, is this what the bots are accessing... "xxxxx??? I suppose it doesn't matter though, I can only edit the file name where the feedback is sent. Whether that would do any good I'm unsure.

Allen, under closer examination, I found your site does NOT have coldfusion (just go to domain.com/blahblah.cfm, and see if it returns a CF error), but the script is a dll. I have no experience whatsoever with DLL's, but I hear they are hard to edit. Can you edit the source of your pages with frontpage? if not, here's what I recomend doing. Simply change the url again to something harder to guess in case the bots reindexed your page. then make the link a flash swf. If the bots can't find your form, then they can't find the url to POST to. create a button inside the swf, and add the code to it under the actions panel:

Thanks,
Ben

Thanks Ben for your input... I really appreciate it.

I'll try your suggestions. In the meantime I think I'll remove my current feedback form and just post my email address. I'll let you know what I came up with.

I'm sick of fighting a defensive war... we need killer bots going out on search and destroy missions. We could slap a cookie on those little suckers and follow them home.

Well actually, if you had the letters in the box, the bots would take the image and have their own visitors read it, But what you can do is embed it in a flash file, and then you have javascript access on their site, so you can find more info. Although that isn't exactly legal.

Sooner or later though I think someone will come up with a way to retaliate... some way to cause spammers plenty of grief. Spamming has got to be make into a losing proposition. The problem is horrid... I get hundreds of junk email everyday.

History tells us this will happen... people will only put up with crap so long. If there is a need, someone will fill it. But then, of course, killer-bot salemen will be on the prowl!!

Allen, this could possibly be illegal I believe, but someone could retaliate against a bot like this:
they could embed this javascript in their flash movie:
Please note that this would only be if the spammer decided to include your CAPTCHA on their page for their visitors in read, but this is often the case. Basically, this alerts the person submitting the form if they are submitting your captcha on another site, gives them 5 seconds to exit the page, and if not, it redirects them to yahoo.

This test might be interesting...

Since I eliminated my feedback form 5-6 days ago, and while I'm not getting anymore junk email from it... not surprisingly the bots are still trying. My Feedback page is still getting hits and more-so everyday. Yet, having no success in their mission, my hope is they'll soon quit trying. While likely not, perhaps perpetually to be in some stagnant database, it's a matter of curiousity.

What the heck, it won't kill me to be without a feedback form for a couple months.

Allen, I got it - create the contact form again, jut without the script. Rename it, and have the old URL redirect to it, so they will think it has moved, and send email to a phony form. That should solve your problems.....
Ben

Thanks, an idea. Still, I'm going to wait awhile and monitor the hits. If they don't stop, then I'll probably just remove the page for awhile... or for good. No big deal I guess, I've noticed a lot websites don't have feedback.

Maybe I aughta just get rid of my mail box too... heck, 95% is spam. I would be consistent with why I disconnected my TV set 3 years ago (because of all the B.S.)

Come to think of it, maybe I aughta just trash my computer too. Pour acid on it... run over it about 50 times.

No more B.S.

Right... I know what you're saying... Sometimes I think they should trash this forum with all the spam. For me, I prefer a two tier approach to email - Only allow email from people I am expecting an email from, have a seperate email for registrations, and that sort. Well actually three tier - Block all foreign mail.

My thoughts exactly on foreign mail... block 'em all.

BTW, I just discovered Ironport... an anti-spam and anti-virus hardware company (not software per se). It is probably cost-prohibitive for the average user though... they seem mainly geared to serve large companies although their IronPort C10 is for smaller companies. See http://www.ironport.com/products/ironport_c10.html

What is cool is that it isn't software you install in your computer, rather it's a device everything is routed through. While the pros surely know about it, it's news to me. At any rate, one wouldn't have to worry whether Microsoft told companies like Symantec and McAfee all they need to know. With all their legal battles going on, it makes you wonder how cooperative Microsoft will be. There would be no conflicts with an outside system... maybe something like that will be available for the little guy soon.