Are you a Google Analytics enthusiast?
More SEO Content
Help: Spammers Flooding My Autoresponder.
Posted 30 June 2011 - 11:55 AM
I've come here looking for a bit of help or advice regarding a dilemma that I am currently having for my website.
I host an auto-responder that doesn't require a double opt-in. Anybody can come and create an account and they will start receiving our series of emails.
The problem is that I am being attacked by a persistent group of hackers/spammers that are installing bogus accounts and using proxies to do their work.
Although I've filtered all their IP addresses and eliminated the bogus email accounts, they still come at me every day! I've thought about using a CAPTCHA, but that will only slow them down, it won't stop them, so my question is;
Is there some way that I can stop this attack, other than using a double opt-in???
I thank you for your help and look forward to your input.
Posted 30 June 2011 - 12:50 PM
You have to block the IP addresses of the proxy services. Fortunately, some of them use multiple IP addresses within the same C-class blocks so you can block at that level.
You can also block by geographic region if you're not trying to service the entire world.
Another option would be to whitelist only known domains -- this cuts out a lot of little players but you can set up an option for people to request that their email domains be whitelisted. Unfortunately if you include Gmail, Hotmail, and Yahoo! you'll be spammed heavily -- but if you exclude them you'll block many legitimate users.
There is no simple solution to the problem.
Posted 30 June 2011 - 02:32 PM
Posted 30 June 2011 - 03:30 PM
Anyone who trips the filter has the full message logged to a text file on the server, is given a fake thank you, thinks the form submitted, and moves on.
As I recall, the API has some great example scripts you can use - if not, I can provide the one I set up, if you're interested and need it.
There are also plug-ins for Wordpress and various other systems.
In addition, I also use a hidden field trick similar to what Jill mentioned, and a regular expression match against common phrases used in spam messages.
Posted 30 June 2011 - 04:23 PM
We are releatively sure that these spammers are actually people and not bots, so I'm not sure the "hidden field" trick will work,
but I must say it's a very clever method to catch them red-handed
We've come to realize that it would be impossible to completely get rid of them, so our plan is to minimize the amount of unwanted spam, and make their work that much harder.
Thanks very much for the suggestions
Posted 30 June 2011 - 04:26 PM
It's imaginitively called the "Stop Spammer Registrations Plugin" by Keith Graham. There may be other plugins worth trying as well.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users