Jeroen Massar wrote:
Matthias Hertzog wrote:
Hi Folks!
We're facing a growing amount of automatically generated HTTP POST requests, all containing spamvertising links like http://19.altribeati.com/homoerectus/
As far as I know, there are the following ways to handle that: Does anyone out there have better ideas? How have you solved that problem?
What about not having stupid scripts like formmail!? There are only very few cases where this can be useful and in those cases the destination address should be fixed. Then at least the person who is using the script gets the crap and not other people.
There was a similar question on NANOG last couple of days, where somebody was wondering how to block the webcafe's downstream from spamming: stop it at the source. In your case that is clearly the formmail.
Even some badly written scripts with fixed recipients have been abused in the past - seen and fixed lots of 'em on my server.
Often they insert a reply-to or from header in the mail containing the sender's e-mail. If this field isn't properly validated it's very easy to send thousands of spams with header injection.... So don't feel so safe if you use fixed recipients...
One thing I have been pretty successful with in blocking spam is JavaScript... Of course one can argue not all browsers support or execute JS, but today when every 3rd site completely relies on JS this is no valid point anymore IMHO. I use an onSubmit script which sets a variable before submitting. Only if this value is received correctly in the script is the form processed...
Matt
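The header-injection problem described in the message above, shown as an added example that is not code from any poster in this thread: a form script with a fixed recipient that pastes the visitor's address into Reply-To, next to a version that validates the field first. The recipient address, function names and sample input are assumptions made for the illustration.

```python
import re
from email import message_from_string
from email.message import EmailMessage

FIXED_RECIPIENT = "webmaster@example.org"  # assumed fixed destination

# Conservative address pattern: no whitespace, no control characters.
ADDR_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def build_naive(sender, body):
    """'Before': the form field is pasted straight into the header block."""
    return (f"To: {FIXED_RECIPIENT}\r\n"
            f"Reply-To: {sender}\r\n"
            f"Subject: Contact form\r\n\r\n{body}")


def build_checked(sender, body):
    """'After': accept only a single plain address, then build the mail."""
    if not ADDR_RE.fullmatch(sender):
        raise ValueError("rejected sender field")
    msg = EmailMessage()
    msg["To"] = FIXED_RECIPIENT
    msg["Reply-To"] = sender
    msg["Subject"] = "Contact form"
    msg.set_content(body)
    return msg.as_string()


def header_names(raw):
    """Header names a mail parser sees in the raw message."""
    return [name for name, _ in message_from_string(raw).items()]


# Constructed form input: a line break in the field smuggles an extra header.
INJECTED = "visitor@example.com\r\nBcc: list@example.net"

if __name__ == "__main__":
    print("naive headers:  ", header_names(build_naive(INJECTED, "hi")))
    try:
        build_checked(INJECTED, "hi")
    except ValueError as exc:
        print("checked version:", exc)
```

The same check belongs on every form field that ends up in a header (From, Subject, Cc), not only Reply-To.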