Updated website email immediately available to spammers?

(Philip Owens) #1

I started to receive spam at the email address which was only used on my site’s contact form (http://philipowens.com/contact/), so I deleted that email addy at my web hoster, created a new one, updated Rapidweaver with it and thought that would be the end of spam. But within a day or two, I was receiving spam again - at the completely new address. This is the only place that email address is used, so it must be ‘leaking’ from my site, despite that as far as I can tell, it’s hidden - looking at the source of the page it looks like:

<div style="display: none;">
			<label>Spam Protection: Please don't fill this in:</label>
			<textarea name="comment" rows="1" cols="1"></textarea>
		<input type="hidden" name="form_token" value="18171605415c54df29b9783" />
		<input class="form-input-button" type="reset" name="resetButton" value="Reset" />
		<input class="form-input-button" type="submit" name="submitButton" value="Submit" />

Any ideas what I can do?

(Philip Owens) #2


(Doug Bennett) #3

I took a look and don’t see any email addresses in the clear. is the spam a form being submitted or something else?

(Philip Owens) #4

No, the emails aren’t (I believe) coming via the form as they are cookie-cutter spam, and surely the spammers aren’t typing each of these into the web interface?

(David) #5

Spammers often try random common address prefixes like info@, contact@ etc, Is that a possibility in your case?

(Mark Sealey) #6

Are they all coming from the same place?

(Mark Sealey) #7

They are much more clever than that: there are sophisticated tools to autofill any and every form they trawl for and pass their muck our way.


(Philip Owens) #8

Ah, hadn’t thought of that. And that would explain why the same spam (almost all is German language spam, oddly enough) continued even after I’d changed the email address - likely their infernal ‘spam machine’ just kept returning to the same URL. Thanks for this heads up, it hadn’t occurred to me.

(Philip Owens) #9

Largely, yes. And your thesis fits because the spam continues to arrive formatted per that contact form output.

(Philip Owens) #10

So the question now is - is there any way I can prevent this?

(Mark Sealey) #11

If you install CAPTCHA, they’d have to be pretty determined manually to comply with its requests every time; which isn’t saying that they won’t - alas.

(system) #12

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.