I'm having trouble with spammers getting through my mail script. I've
heard of FormMail for php but I need a solution for ASP. Any
suggestions? I don't know how to stop these guys from using my forms
to spam.
Thanks!
John 12 2375
To add to this...
Would this help stop spammers using this?
If Request.ServerVariables("HTTP_REFERER") <>
"http://my_web_form.com/form.asp Then
Respose.Redirect "/SorryCharlie.asp"
Else
'do the form mail thing
End if
the other john wrote: I'm having trouble with spammers getting through my mail script. I've heard of FormMail for php but I need a solution for ASP. Any suggestions? I don't know how to stop these guys from using my forms to spam.
Thanks! John
No. Spammers can easily defeat this as well.
the other john wrote: To add to this...
Would this help stop spammers using this?
If Request.ServerVariables("HTTP_REFERER") <> "http://my_web_form.com/form.asp Then Respose.Redirect "/SorryCharlie.asp" Else 'do the form mail thing End if
the other john wrote: I'm having trouble with spammers getting through my mail script. I've heard of FormMail for php but I need a solution for ASP. Any suggestions? I don't know how to stop these guys from using my forms to spam.
Thanks! John
--
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.
Ugh! Ok...any suggestions?
Thanks!
Bob Barrows [MVP] wrote: No. Spammers can easily defeat this as well.
the other john wrote: To add to this...
Would this help stop spammers using this?
If Request.ServerVariables("HTTP_REFERER") <> "http://my_web_form.com/form.asp Then Respose.Redirect "/SorryCharlie.asp" Else 'do the form mail thing End if
the other john wrote: I'm having trouble with spammers getting through my mail script. I've heard of FormMail for php but I need a solution for ASP. Any suggestions? I don't know how to stop these guys from using my forms to spam.
Thanks! John
-- Microsoft MVP -- ASP/ASP.NET Please reply to the newsgroup. The email account listed in my From header is my spam trap, so I don't check it very often. You will get a quicker response by posting to the newsgroup.
Maybe CAPTCHA?
the other john wrote: Ugh! Ok...any suggestions?
Thanks!
Bob Barrows [MVP] wrote: No. Spammers can easily defeat this as well.
the other john wrote: To add to this...
Would this help stop spammers using this?
If Request.ServerVariables("HTTP_REFERER") <> "http://my_web_form.com/form.asp Then Respose.Redirect "/SorryCharlie.asp" Else 'do the form mail thing End if
the other john wrote: I'm having trouble with spammers getting through my mail script. I've heard of FormMail for php but I need a solution for ASP. Any suggestions? I don't know how to stop these guys from using my forms to spam.
Thanks! John
-- Microsoft MVP -- ASP/ASP.NET Please reply to the newsgroup. The email account listed in my From header is my spam trap, so I don't check it very often. You will get a quicker response by posting to the newsgroup.
--
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.
Oh COOL! Checkin' it out now....
I'll be a good poster and show what I'm doing. Can't vouch for it yet,
just looking but for those searching for the same solution.... http://www.u229.no/stuff/Captcha/
Bob Barrows [MVP] wrote: Maybe CAPTCHA?
the other john wrote: Ugh! Ok...any suggestions?
Thanks!
Bob Barrows [MVP] wrote: No. Spammers can easily defeat this as well.
the other john wrote: To add to this...
Would this help stop spammers using this?
If Request.ServerVariables("HTTP_REFERER") <> "http://my_web_form.com/form.asp Then Respose.Redirect "/SorryCharlie.asp" Else 'do the form mail thing End if
the other john wrote: > I'm having trouble with spammers getting through my mail script. > I've heard of FormMail for php but I need a solution for ASP. Any > suggestions? I don't know how to stop these guys from using my > forms to spam. > > Thanks! > John
-- Microsoft MVP -- ASP/ASP.NET Please reply to the newsgroup. The email account listed in my From header is my spam trap, so I don't check it very often. You will get a quicker response by posting to the newsgroup.
-- Microsoft MVP -- ASP/ASP.NET Please reply to the newsgroup. The email account listed in my From header is my spam trap, so I don't check it very often. You will get a quicker response by posting to the newsgroup.
Incidentally this is what happened. What is it they are doing here?
Would limiting the number of characters in the suject field help? as
you can see they blocked their IP address. thanks!
From: do****@XXXXXXX.net do****@XXXXXXX.net
Date: Sun, 25 Jun 2006 00:01:11 -0400
To: xxxx@xxxxxxxxxxcom
Subject: do****@XXXXXXX.net
MESSAGE SENT FROM XXXXXXX.NET
MESSAGE FROM: do****@XXXXXXX.net
SENDERS EMAIL: do****@XXXXXXX.net
SENDERS IP ADDRESS: a
bcc: Ke****@aol.com
Content-Type: multipart/alternative;
boundary=ddc847aa92d6c6e1cdc07252e628e393
Subject: to th frantic cheers iv th multichood
--ddc847aa92d6c6e1cdc07252e628e393
Content-Transfer-Encoding: base64
Content-Type: text/plain
YWxsIHRoZSBlbnF1aXJpZXMsIGFuZCBnaXZlbiBhbGwgdGhlIG FkdmljZSBzaGUgdGhvdWdodCBw
cm9wZXIsIGNhbGxlZCBvdXQgdG8gdGhlIHBhcnR5LCB3aG8gd2 VyZSBzdGlsbCBhbXVzaW5nIHRo
ZW1zZWx2ZXMgd2l0aCB0aGUgY29tbXVuaWNhdGl2ZSByaXNobW FuLCBhc3RhLCBiYXN0YSwgY29z
aSBjb21lLCB3ZSBoYXZlIGxvc3QgdGltZSBlbm91Z2ggaG9tcH NvbiwgZ2V0IG9uIHIuIGV4dGVy
LCBwdXQgdXAgdGhlIGhlYWQgb2YgdGhlIGJhcm91Y2hlIGF0
--ddc847aa92d6c6e1cdc07252e628e393--
..
SENDERS COMPUTER INFORMATION: do****@XXXXXXX.net
TIME SENT: 6/25/2006 12:01:11 AM
------MESSAGE IS AS FOLLOWS------ do****@XXXXXXX.net
------END MESSAGE------
the other john wrote: Oh COOL! Checkin' it out now....
I'll be a good poster and show what I'm doing. Can't vouch for it yet, just looking but for those searching for the same solution....
http://www.u229.no/stuff/Captcha/
Bob Barrows [MVP] wrote: Maybe CAPTCHA?
the other john wrote: Ugh! Ok...any suggestions?
Thanks!
Bob Barrows [MVP] wrote: > No. Spammers can easily defeat this as well. > > the other john wrote: >> To add to this... >> >> Would this help stop spammers using this? >> >> If Request.ServerVariables("HTTP_REFERER") <> >> "http://my_web_form.com/form.asp Then >> Respose.Redirect "/SorryCharlie.asp" >> Else >> 'do the form mail thing >> End if >> >> >> >> >> >> the other john wrote: >>> I'm having trouble with spammers getting through my mail script. >>> I've heard of FormMail for php but I need a solution for ASP. Any >>> suggestions? I don't know how to stop these guys from using my >>> forms to spam. >>> >>> Thanks! >>> John > > -- > Microsoft MVP -- ASP/ASP.NET > Please reply to the newsgroup. The email account listed in my From > header is my spam trap, so I don't check it very often. You will get > a quicker response by posting to the newsgroup.
-- Microsoft MVP -- ASP/ASP.NET Please reply to the newsgroup. The email account listed in my From header is my spam trap, so I don't check it very often. You will get a quicker response by posting to the newsgroup.
the other john wrote on 26 jun 2006 in
microsoft.public.inetserver.asp.general: Would this help stop spammers using this?
If Request.ServerVariables("HTTP_REFERER") <> "http://my_web_form.com/form.asp Then Respose.Redirect "/SorryCharlie.asp" Else 'do the form mail thing End if
Sure, your code will not do any mailing after "Respose".
--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
uh..yea....it was a typo.
can you tell what this guy was trying to do here by the way? I'd
appreciate it, thanks.
Evertjan. wrote: the other john wrote on 26 jun 2006 in microsoft.public.inetserver.asp.general: Would this help stop spammers using this?
If Request.ServerVariables("HTTP_REFERER") <> "http://my_web_form.com/form.asp Then Respose.Redirect "/SorryCharlie.asp" Else 'do the form mail thing End if
Sure, your code will not do any mailing after "Respose".
-- Evertjan. The Netherlands. (Please change the x'es to dots in my emailaddress)
the other john wrote on 26 jun 2006 in
microsoft.public.inetserver.asp.general: Evertjan. wrote: the other john wrote on 26 jun 2006 in microsoft.public.inetserver.asp.general: > Would this help stop spammers using this? > > If Request.ServerVariables("HTTP_REFERER") <> > "http://my_web_form.com/form.asp Then > Respose.Redirect "/SorryCharlie.asp" > Else > 'do the form mail thing > End if
Sure, your code will not do any mailing after "Respose".
[please do not toppost on usenet]
uh..yea....it was a typo.
can you tell what this guy was trying to do here by the way? I'd appreciate it, thanks.
What Guy?
I would not know.
I am no a mind reader.
But more interesting is what you want, methinks.
--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
Hi John!
I've read this thread, but I can't find what "mailer" you're using.
With "mailer" I mean "are you using CDOSYS or CDONTS, or JMail maybe?
Some other flavor? This might be of importance. If you're using JMail,
the most important thing to do is check your HEADER fields for
linefeeds/-breaks. So, replace each & every CHR(10)&Chr(13) with
nothing, or a dash, whatever, just no breaks. Breaks make the
mailercomponent think another header is comming up. You can use
breaksline/feeds in the body though. However, it might be good
practise to replace every linefeed/break everywhere. As far as the
other options are concerned, I use so-called one-time-pads with my
forms. This however might be a long short for you. As the IP can't be
checked as you say, you might considder checking for valid e-mail
addresses. There are quite solid methods to do that. Check this for
example: http://www.powerasp.com/content/code...ValidEmail.asp
There are better options though which check for genuine addresses.
This involves requests to other servers though.
Returning to the hidden IP; can't you "just" ignore each request
comming from a hidden IP? Anyway, this as well is a good read: http://www.anders.com/cms/75/Crack.Attempt/Spam.Relay
It opened my eyes for sure!
Anyway, let us know more please!
Best regards,
- Alex.
On 25 Jun 2006 11:30:50 -0700, "the other john" <ki*****@yahoo.com>
wrote: I'm having trouble with spammers getting through my mail script. I've heard of FormMail for php but I need a solution for ASP. Any suggestions? I don't know how to stop these guys from using my forms to spam.
Thanks! John
Thanks!
Yes, I am using JMail in this case. This is what I've done so far...
I went with CAPTCHA solution. I have it working correctly. How much
more secure it is I don't know. This is what I'm using. http://www.tipstricks.org/
I also did a mid() on the fields such as IP and subject, etc. to limit
how much would go through. I hadn't thought of doing a replace(). I
have dealt with CHR(10) before however, sorry. What is your method for
using Replace for multiple conditions? I mean doing 2 or 3 replaces on
a single dim or something?
I'm looking into the validation now, thanks!
Alex wrote: Hi John!
I've read this thread, but I can't find what "mailer" you're using. With "mailer" I mean "are you using CDOSYS or CDONTS, or JMail maybe? Some other flavor? This might be of importance. If you're using JMail, the most important thing to do is check your HEADER fields for linefeeds/-breaks. So, replace each & every CHR(10)&Chr(13) with nothing, or a dash, whatever, just no breaks. Breaks make the mailercomponent think another header is comming up. You can use breaksline/feeds in the body though. However, it might be good practise to replace every linefeed/break everywhere. As far as the other options are concerned, I use so-called one-time-pads with my forms. This however might be a long short for you. As the IP can't be checked as you say, you might considder checking for valid e-mail addresses. There are quite solid methods to do that. Check this for example: http://www.powerasp.com/content/code...ValidEmail.asp There are better options though which check for genuine addresses. This involves requests to other servers though. Returning to the hidden IP; can't you "just" ignore each request comming from a hidden IP? Anyway, this as well is a good read: http://www.anders.com/cms/75/Crack.Attempt/Spam.Relay It opened my eyes for sure! Anyway, let us know more please!
Best regards, - Alex.
On 25 Jun 2006 11:30:50 -0700, "the other john" <ki*****@yahoo.com> wrote:
I'm having trouble with spammers getting through my mail script. I've heard of FormMail for php but I need a solution for ASP. Any suggestions? I don't know how to stop these guys from using my forms to spam.
Thanks! John
Im sure the CAPTHA will prevent most spam-attempts. There seem to be
"spiders" that are able to "read" these generated images, but I guess
whenever someone wants to get in bad enough he/she'll get in anyway.
As far as the Char 10 / 13 is conserned, yes, I strip them both out
but for the body, in which I replace them with "<br>", I send
HTML-mail. I can't find the info I came across on the validation part.
It dealt with a couple of techniques, ranging from merely checking the
syntax of the mail address to checking wether or not a domain or an
email address actualy exists by using an XM records check. I believe
the site located at coveryourasp.com has some nice examples to check.
You might find interesting discussions here: http://forums.webhostautomation.com/...r=asc&start=45
Thanks for that http://www.tipstricks.org/ link :-) I'm adding it to
my arsenal!
I hope the spamming has stopped, or will stop before long! I hate
those pesters ...
- Alex.
On 27 Jun 2006 05:48:49 -0700, "the other john" <ki*****@yahoo.com>
wrote: Thanks!
Yes, I am using JMail in this case. This is what I've done so far...
I went with CAPTCHA solution. I have it working correctly. How much more secure it is I don't know. This is what I'm using. http://www.tipstricks.org/
I also did a mid() on the fields such as IP and subject, etc. to limit how much would go through. I hadn't thought of doing a replace(). I have dealt with CHR(10) before however, sorry. What is your method for using Replace for multiple conditions? I mean doing 2 or 3 replaces on a single dim or something?
I'm looking into the validation now, thanks! Alex wrote: Hi John!
I've read this thread, but I can't find what "mailer" you're using. With "mailer" I mean "are you using CDOSYS or CDONTS, or JMail maybe? Some other flavor? This might be of importance. If you're using JMail, the most important thing to do is check your HEADER fields for linefeeds/-breaks. So, replace each & every CHR(10)&Chr(13) with nothing, or a dash, whatever, just no breaks. Breaks make the mailercomponent think another header is comming up. You can use breaksline/feeds in the body though. However, it might be good practise to replace every linefeed/break everywhere. As far as the other options are concerned, I use so-called one-time-pads with my forms. This however might be a long short for you. As the IP can't be checked as you say, you might considder checking for valid e-mail addresses. There are quite solid methods to do that. Check this for example: http://www.powerasp.com/content/code...ValidEmail.asp There are better options though which check for genuine addresses. This involves requests to other servers though. Returning to the hidden IP; can't you "just" ignore each request comming from a hidden IP? Anyway, this as well is a good read: http://www.anders.com/cms/75/Crack.Attempt/Spam.Relay It opened my eyes for sure! Anyway, let us know more please!
Best regards, - Alex.
On 25 Jun 2006 11:30:50 -0700, "the other john" <ki*****@yahoo.com> wrote:
>I'm having trouble with spammers getting through my mail script. I've >heard of FormMail for php but I need a solution for ASP. Any >suggestions? I don't know how to stop these guys from using my forms >to spam. > >Thanks! >John This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Stefan Richter |
last post by:
Hi, after coding for days on stupid form validations -
Like:
strings (min / max length), numbers(min / max value), money(min / max
value), postcodes(min / max value), telefon numbers,
email...
|
by: Citoyen du Monde |
last post by:
Trying to get some ideas on a simple javascript project (to teach myself the
language).
I want to develop a client-side vocabulary practice application that would
allow users to
enter their own...
|
by: CK |
last post by:
Hi all,
I know this question is stupid. But i need some advice for this. I
am trying to develop a website, which will allow the user send to order form
to the admin email. I am planning to use the...
|
by: Toby Inkster |
last post by:
Like me, you are probably confronted with many requests for surveys,
questionnaires, feedback forms, registration forms and so forth: forms
where the processing requirements are very simple (store...
|
by: cartoonsmart |
last post by:
Hi I got the following script going;
<?php
$sendTo = "myemail@myemail.com";
$subject = "My web site reply";
$headers = "From: " . $_POST;
$headers .= "<" . $_POST . ">\r\n";
$headers .=...
|
by: Scott |
last post by:
I've been trying to come up with a way to ensure user input is coming
from the form on my site, and not auto-submitted from elsewhere, and I
don't want to use the "enter the code shown in the...
|
by: Hoopster |
last post by:
Here is my form.
<form action="http://www.johndoe.com/FormToEmail.php" method="post"
enctype="multipart/form-data">
<input class="sidebar" value="name" name="user" >
<input class="sidebar"...
|
by: Spycat |
last post by:
Hi all and happy holidays!
I should start off by stating I am NOT a PHP programmer.
I say that so that in any response to me, you will speak very s-l-o-w-l-y or I won't know what you're talking...
|
by: uranuskid |
last post by:
Hey folks,
I was going to include a contact form on my website. Well, in the first place that seemed an easy thing to do with a form that prompts a PHP file validating the input vaiables and using...
|
by: enrmpaga |
last post by:
i'm using asp.c# to validate form and e-mail the results to my inbox but keep getting this error message:
Compiler Error Message: CS0117: 'System.Web.UI.HtmlControls.HtmlForm' does not contain a...
|
by: CloudSolutions |
last post by:
Introduction:
For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
|
by: Faith0G |
last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome former...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
| |