[Phpwm] Simple question from a beginner

Phil Beynon phil at infolinkelectronics.co.uk
Tue Sep 5 18:11:06 BST 2006


  Hi folk

  I don't know if I introduced myself, I am not sure. I am a Linux user for
a handful of years, and only recently started using PHP to put simple code
on our church website. I am not an expert programmer though I hope to be one
day when all my other commitments allow me!!!

  My question: I have a simple phpmail script as part of a feedback form.  I
keep getting spam email to my webmaster email address. I have removed all
links on the website to this email address, so the only source I could think
of is from the phpmail script. Any suggestions on how I can stop unsolicited
emails? The spam emails don't use the form.

  Thanks for any help.

  Mo


  Hello Mo,
  There's a number of things that could be happening that could cause this
for you.
  If you have a "catchall" email address set up on the site then any email
address sent to the site will be accepted by the server.
  Also there are a number of "always valid" email addresses that the server
will have set up  such as postmaster@ admin@ etc, spammers know these will
be there and will often use them hoping they will be read.

  The options are either to live with it, use spam filtering on the server
and risk losing some valid emails - in that often major ISPs such as
Telewest and BT get blacklisted by these sites or if you have some access to
the server use the hosts.deny file to block IP ranges where you never expect
to get valid email from.
  As and example of this I've blocked pretty much anywhere thats not
European, North American or Australasian on my servers - and customers have
been told that. Spam still gets through, but nowhere near as much.

  If you want to have an email address on a page and render it invisible
then embed it into a graphic and use that to trigger a form submit to stop
it being culled by spam harvester robots.

  Be careful using "simple" PHP feedback scripts, if they are the usual sort
of crap off somewhere like hotscripts.com then there are also harvester
robots looking for instances of the file on websites whihc they will then
exploit for sending more spam.
  I saw that on one of my customers sites a few days ago, first thing I knew
about it was when I started getting a load of admin level bounces coming
through, and I had to waste hours tracking it down.

  Phil
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.lug.org.uk/pipermail/phpwm/attachments/20060905/61f0efa2/attachment.html


More information about the Phpwm mailing list