Joined: 04 Jul 2006
Location: West Springfield, Massachusetts
|Posted: February 27 2007, 02:49 Post subject: Feedback Form SPAM
|As I noted in the blog post Helping SPAM bots, the Toot-O-Matic tutorial's feedback form has been the target of SPAM bots. Although if it had been poorly written (that is, subject to header injection), it might have been used to send SPAM emails, for some reason the bots see the textarea input named "comments" and take it to be an input for page content, which it never was.
In any case, blocking IP addresses was not slowing down the attacks so I changed my approach to handling the problem.
I now make the SPAM bots wait 1 to 2 minutes before sending them to one of several sites that have a form page.
At present, I send them to Google's SPAM report form slightly more than half the time.
If you are an honest user and are having problems loading the tutorial's feedback page, i.e. getting redirected to one of the above sites, my apologies. Please feel free to leave the rating/comment here instead.