On a more serious note. . .

[Mike]

. . . I think we need help with something.
Some spammers are using our "Chicken Wings Contact Form" to send out messages to other people.
Don't worry, you guys aren't going to be affected, that's blocked by all kinds of spam-ware which is costing us a fortune (but hey, we don't want a bad reputation), but it's annoying for us because we don't want to look like we're soliciting Viagra and stuff to other people. It could get us kicked out of search engines like google. . . and that would be bad.
Plus we keep getting all their mail as well and it's filling up our mailbox.

Does anybody know anything about computers or about a good program??

Thanks!

[MO]

We had the same problem with a spam relayer a couple of months ago. We tried a number of "solutions" that didn't worked at all. In the end, we decided to remove the gizmo and replaced it with a good-old email address. We're still trying to fetch for a suitable program. If your server is running on Linux or similar, you should try this one:

http://www.scriptarchive.com/formmail.html

 

Cheers!

[Stef]

Yeah! *%&$ing spammers!!!  It's amazing how much time we already spent on just trying to avoid being abused. Thanks for the link MO. I think I've already tried that script, but I couldn't customize it.

If anybody who knows about programming reads this, please help us:

What we tried is to ask people to copy a random number "$rnd", that is then called $rndcheck compared to $rnd in the form.php file. But it seems they found a way to evade this by somehow being able to enter $rnd and $rndcheck in the form.php, usually using an email address. Now I've blocked it by making sure that $rnd is no longer than 5 characters. Let's see if that works. I have the feeling that some other spammer lowlife will crack that too sooner or later...

[Stef]

Oh, one thing I just wanted to emphasize again:

If you write us an email, subscribe to our newsletter or write us through our contact form, your email address is perfectly safe! We're protected against email address harvesting. The thing happening to us is that somebody uses our contact form as an "open relay" and spams other third parties making it appear that the spam comes from an email account of our server.

[Sleek-Jet]

I've asked around a little, if I hear anything usefull, I'll pass it along to you guys. 

[Mike]

Thanks Sleek!

[Sleek-Jet]

I thought I'd pass this along...

This is what I used to 100% eliminate spamming of my guestbook. http://www.junkeater.com/

That other board can utilize the same devices that I used on my guestbook to limit use of their contact form to real human beings. 

[Mike]

Thanks again Sleek!
I'll pass that one on to my brother (but he'll probably see it in here as well)
He's the computer literate one in the family...

[Plthijnx]

aw c'mon mike! the more you're on here the more you learn! i'm proof that you can teach an old dog new tricks!

[Sleek-Jet]

Thanks again Sleek!
I'll pass that one on to my brother (but he'll probably see it in here as well)
He's the computer literate one in the family...

Not a problem... 

[MO]

Old Dog -> New tricks... Mmmm, I'm still working on that. (I had a book about CGI Scripts around here, somewhere...)

[Stef]

Thanks for all the moral support you guys! It seems I've fixed the darn thing since there's no similar spam coming in. MO, if you're interested how we did it, maybe we can help you out? But I think we'll have to test run our newest solution for some time and see if it's safe this time.

[MO]

Thanks, Stef. Fly it around and let me know how it behaves... When you're ready, pass down the recipe for the "Chicken Wings Patch" so we can apply it on our program.

Cheers !

[Ted_Stryker]

One of the things that seems to work well is forcing human interaction by using a variable graphic with randomly generated text that has to be manually entered.  This technique helps prevent bot scripts and other automated means of hijacking things as the graphics are very hard, if not impossible (currently) to interpret without the aid of Computer #1 (the human brain).

On my website the forms actually submit to a repository that I then scan with my own program.  It filters off all but the legit looking posts, then passes them to me for approval where I can then either manually, or automatically have it posted up on the site under the actual approved file name with a digital checksum for verification (that way if the form is hacked, I get notified and the hacked form is dumped and replaced automatically).

Of course, my website gets relatively low volume due to it's rather niche appeal (Cyber Forensics).  Even the email addresses on mine use an encryption to prevent them from being scooped up.

If you are interested in how I managed this, drop me a private email.  I'd rather not post the specifics here for obvious reasons.
 

[Stef]

Hi Ted!
Thanks for the input! Your system sounds almost bullet-proof! Though a bit complicated. I think I can imagine how it works. However, since the last "repair" our contact form seems to be safe and is working well. I will fall back to your solution if trouble should be brewing again, if that's okay with you. I just don't want to meddle into a system that seems to be working fine. Thank you very much for your help though!!