On Wed, Sep 27, 2006 at 11:35:06AM -0700, Robert L Mathews wrote: > Richard Spindler wrote: > > >I' implemented a very simple captcha, and haven't had a spam entry in > >my guestbook ever since. > > Keep in mind that when you use a image-based captcha, you make part of > your site inaccessible to visually impaired users. > > For a small-to-medium site, image-based captchas are unnecessary. > Instead, you can simply add a text field to the form, and include a line > next to it that says "type 1234 in this box to prove you aren't a > spammer" (or whatever you choose). > > This is much easier to code, accessible to people using text-to-speech > software, and just as spam-proof on a small-to-medium site. Spammers > only bother writing custom code to handle cases like this if it's worth > the hour or two they'd need to spend on it (e.g., if Yahoo adopted this > scheme to verify e-mail signups, a spammer would indeed write code to > handle it), but no spammer is going to spend any time writing something > that can parse this for a guestbook on a site that gets only a few > thousand hits per month. (It would be easier for the spammer to simply > add the spam manually.) > > We provide a trivially modified version of FormMail.pl to our customers > that works on such a scheme > (<http://support.tigertech.net/formmail#prevent>), and it has 100% > solved the problem of automated spambots sending mail to the form's owner. > > (For anyone who feels that spammers may use software that can > automatically handle "type 1234 in this box", you can easily change the > instructions to something that doesn't contain the literal text you're > checking for, such as "To prove you're not a spammer, solve the > following arithmetic problem: 2 + 6 = [ ]", or "What color is the > sky on a clear day?", etc.) > Those are some good ideas. I will need to try them out. Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com
Attachment:
signature.asc
Description: Digital signature