Developer forum

Forum » Feature requests » SPAM mails and forms

SPAM mails and forms

E-mail notifications
Stefan Møller
Reply
Posted on 06/07/2011 12:11:57
Its becoming a more and more normal reaction from our customers, that they are receiving alot of spam after they have set up an contact form (DW7 form module). It seems your form module is easily crawled by spam bots, and our customers are reporting ~10-20 spam mails a day.

What options are you planning on implementing in future releases? CAPTCHA? 

Replies

 
Nicolai Høeg Pedersen
Posted on 07/07/2011 01:19:03
Reply
CAPTCHA is so last year :-)

The antispam functionality known from the previous version of the Forms module also works with the Forms module introduced with Dynamicweb 7. the functionality can be activated under the Security settings in the Management Center.
 
Jacob Bertelsen
Posted on 26/10/2012 08:44:29
Reply

One of our clients have reported an increase in spam activity, even with the antispam functionality checked, in the "Security"-settings.

Have you considered implementing other spam-countermeasures, like honeypot or something else?

 

Thanks in advance :)

 
Jacob Bertelsen
Posted on 05/12/2013 10:55:45
Reply

Even though CAPTCHA is last year (or previous/before that), many larger sites still use it, which must mean that it must have its merits. For example hotmail and google use it.

I return to this post, since some of our clients still report spam-problems.

 
Jacob Bertelsen
Posted on 22/03/2014 13:52:09
Reply

The spamming from DW forms increases.

If not captcha, are there any other plans in motion, in regards to reducing spam?

 
Jacob Storgaard Jensen
Posted on 16/09/2014 22:36:44
Reply

I second that... clients are reporting a lot of spam via misc forms.

Can you somehow share how we can check if our templates are in the way of your different solutions... I fore one have a lot of custom javascript validation on most of my forms!

I can't seem to trigger a spam reaction no matter how many hidden fields I try to fill in... and I certainly can't find the script which should empty the _sys_to_email field...

 
Jacob Storgaard Jensen
Posted on 23/09/2014 16:16:43
Reply

To reply to my own question... I just found out together with Mikkel Ricky, that by re-using my old templates I fucked it up.

In those old templates I had written the initial <forms method="post"... etc. tag by myself for different validation reasons... Which lead to that there were no Forms.Start tag... This tag outputs all the magic... So by writing <forms tag by yourselvesThis breaks most of the new forms validation effort made by the developers...

Hope this helps anyone just a little bit...

(P.S. feeling stupid right now :-D - But the one default template from DW is missing the Forms.Start tag too... has been reported)

 
Anders Ebdrup
Posted on 24/09/2014 09:33:49
Reply

Hi Jacob,

 

Thank you for sharing this :-)

 

Best regards, Anders