Quick tip to fight email form spam
August 16, 2008 – 3:54 amI discovered this a couple of days ago, but the simplicity and “oh wow, I should’ve thought of this years ago”-ness of it makes me believe I’m not the first to think of this.
A few months ago I began receiving spam from the form over at my XHTML slicing site at http://designerschopshop.com . The form itself is actually a slightly modified version of Dustin Diaz’s AJAX contact form, but for this tip you can use any form at your disposal. Lately though, I’ve been receiving 6-8 spam messages per diem. That’s just unacceptable. Wait, I take that back, ALL spam is unacceptable. Especially that super annoying kind that seems to be along the lines of:
Oedipus conflagration is among pacifists with trepidation annihilating mesomorphs http://cheappillsforyourdick.ru/pills/cialis “Hear ye!” behooves cornerstones of Tbilisi yearning for exhilaration http://hotbabes.anddickpills.com/buy/12387/pills dignified constitution
Ugh. Those emails make me want to have a sex-change operation so I can hit on a raging homophobic bodybuilder that’ll beat my ass after I tell him my truthful gender, just so the pain will be great enough to hopefully make me forget about the bastards that send that type of spam. It’s that intense.
Anyway, back to the topic at hand.
I didn’t want to go the Captcha route and wanted to keep it simple. What I did is create two input boxes for email. I gave one the id and name attribute of “email”, and the other “emailFalse”. I placed “emailFalse” before email, but I did this:
<label style="display: none;" for="emailFalse">E-mail address: (required)</label>
<input id="emailFalse" class="text" style="display: none;" name="emailFalse" size="25" type="text" />
<label for="email">E-mail address: (required)</label>
<input id="email" class="text" name="email" size="25" type="text" />Then, in my validation Javascript (and in the PHP, just in case), I added something along the lines of this:
...
else if ( emailFalse.value != "" ) {
alert("Not gonna work this time, bud.");
}
...In other words, you create an extra text box with an id/name attribute that contains “email” (I’m under the assumption that spammers in this case use a regular expression to know which field is which), hide it from normal users via a quick “display: none;”, and add a validation check that looks to see whether or not that field has been filled out. If the field isn’t left blank, it’s spam, so don’t send it. I’ve gone from 6-8 spam emails every single day to 0 in the last 4 days. Obviously, the only thing that keeps this solution working is spammers not knowing about it (yet) and coding around it (so far.) Even so, right now it’s working brilliantly, and that makes me happy.
Neat, eh?
2 Responses to “Quick tip to fight email form spam”
Thanks for the idea. I’m going to test this on the save/send/share form of print-bingo.com today. If I had a dime for every spam method…
By leonard on Dec 26, 2008