+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5)
+--- Forum: Best Practices (https://forum.codeigniter.com/forumdisplay.php?fid=12)
+--- Thread: How to avoid of email spam (/showthread.php?tid=63765)
How to avoid of email spam - ardavan - 12-08-2015
Hi friends,
Recently I received many spam email from my contact form which is I thought this won't happened via using CSRF and XSS.
All the emails sent from my contact form on my website. Because the subjects are the same as I've set for it.
I thought CSRF can avoid sending these type of emails but I see, it's not.
How can I stop these spams from my website?
Thanks guys
RE: How to avoid of email spam - arma7x - 12-08-2015
Use captcha or honeypot.
RE: How to avoid of email spam - arma7x - 12-08-2015
http://forum.codeigniter.com/archive/index.php?thread-63141.html
CI honeypot. Credit to martin7483
RE: How to avoid of email spam - Martin7483 - 12-08-2015
Besides using my honeypot
You should force inputs to only accept a certain type of string.
Say you have a phonenumber field, only have it accept a valid phone number.
Check for any BBCODE and links in fields that shouldn't have links in them.
If a form is not valid due to spam protection, don't give any warnings or errors. Just reload to the page with a blank form.
Any given information on why a form fails is a hint to get by your spam protection.
RE: How to avoid of email spam - Diederik - 12-08-2015
An approach I have used in the past is to add a non visible field. Most spambots will fill in all the fields they find. So if you detect a post value for that field you know it's not a regular user.
RE: How to avoid of email spam - ardavan - 12-08-2015
I don't like to use captcha, how is working honey pot ?
RE: How to avoid of email spam - Martin7483 - 12-08-2015
(12-08-2015, 08:54 PM)ardavan Wrote: I don't like to use captcha, how is working honey pot ?
Did you read my thread about the honey pot?
RE: How to avoid of email spam - cartalot - 12-09-2015
a honey pot is a hidden form field that has a very common form name like 'name'. only bots will fill out it. if its filled out you don't use it.