Web Design Brisbane - Raycon Web Design Brisbane - Raycon

Articles

View full article list

CAPTCHA your visitors

Mark Edwards
30-09-2005

Recently, I have been fielding an increasing number of questions from clients about how they stop spam emails being submitted via their website contact forms. In the last week I have started receiving bunches of spam email from my own website contact form.



The spammers behind these latest attacks use automated software to search out standard contact forms on websites. Once found, they complete them with their payload and automatically submit them. The result for the site owner can be a deluge of fake contact messages.



There are two approaches to tackling this problem. The first is the somehow weed out the responses once they are submitted to determine if they are genuine or not. At the moment there are some simple filters which can work quite effectively to halt this style of spam.



The alternative is to present the automated form filling software with a question that it cannot answer correctly but a human easily can. Such a test is known as a CAPTCHA test.



From the Wikipedia:

en.wikipedia.org/wiki/Captcha

A captcha (an acronym for "completely automated public Turing test to tell computers and humans apart") is a type of challenge-response test used in computing to determine whether or not the user is human. The term was coined in 2000 by Luis von Ahn, Manuel Blum, and Nicholas J. Hopper of Carnegie Mellon University, and John Langford of IBM. A common type of captcha requires that the user type the letters of a distorted and/or obscured sequence of letters or digits that appears on the screen. Because the test is administered by a computer, in contrast to the standard Turing test that is administered by a human, a captcha is sometimes described as a reverse Turing test.



If you have recently signed up for a freemail account you will find these tests a part of the acocunt creation process to stop automated software creating multiple accounts from which they can send spam messages.



I recently installed one on a client's website and have installed filters on my own site to stop this problem.



The downside of a CAPTCHA test is that it is one more step for genuine visitors to take to send you a legitimate contact message.



As spammers' software evolves it will be better able to determine the contents of simple CAPTCHA images like the example shown here. As a result, the images will have to become more obscured, making it increasingly difficult for genuine visitors to contact you.



All the more reason to do everything we can to fight spam by not responding to it and definitely not buying anything promoted by spam.

View full article list