TheJoe.it Into the (open) source

22Apr/112

Some methods for countering email spam

spam

The satirical cartoon of today, of Randy Glasbergen introduces us to the problem of SPAM, a true scourge of the Internet. In some recent statistics the proportion of spam on all e-mails sent each day reaches'82%, and it is not difficult to compile statistics on their personal email box. For example, the 21 April I received eight spam emails... and eight email "good". The methane.

The scourge of spam is also due to little control providers "too cheap", or to laws of some countries too "libertine" that do not impose controls providers. But there is a solution to all, indeed there are several. Some time ago I've had to include an email address in the clear between the pages of a site. Write the address unencrypted email is tantamount to saying: "I'm here to receive SPAM", so I have documented and the solutions are many.

Form mail con captcha

The form mail are not a recent invention, ma l'introduction of captcha was a turning point that allowed a constant defense against bots and crawlers automatic. In essence it is of some characters visibly altered that can not (or might not) be read by automated bots. Some examples can be found below.

It will then be necessary dell'immagini enter characters in a field, if the characters match the form will be validated, otherwise it will be asked to enter another captcha.

Necessarily the captcha are processed by some libraries the server, is clearly not possible to implement a captcha only through the HTML (which is a language of pure visualization). There are several PHP scripts for the generation of captcha, for the platform WordPress exist special plugin.

Encode the email link with javascript

Javascript is another programming language that comes to us. A different approach from that captcha requires no PHP is the encoding of the address using Javascript. In practice each character of the email address is converted into a code more complex to decipher the bot, that if well planned can certainly come to head, but the percentage of attack is relatively low. One of these tools is "Antispam email address encoder", a small Javascript file that after the insertion of the email to be encoded returns the scrpt to be included in the HTML page.

For example, we attempt to encode the URL "prova@pro.va". The result will be to include this:

<script type="text/javascript">
//<![CDATA[
function obscure(){
C can be,R,And,P,T=
"T=\"38364043363642433742343538363935373540434034344043"+
"403841354138344036543d22543d5c227d3b2929322c5928727473"+
"6275732e542b272527286570616373656e753d2b507b29323d2b59"+
"3b6874676e656c2e543c593b303d5928726f663b27273d503b433d"+
"543b7d7d3b2966287441726168632e543d2b437b293b593d3e662d"+
"2d3b2933322b592c6874676e656c2e54286e696d2e6874614d3d66"+
"28726f667b2933323d2b593b6874676e656c2e543c593b303d5928"+
"726f663b27273d433b5c5c5c276636313365323732393362366637"+
"363631343037303732366632653736363133633236363134303730"+
"373236663265373636313365373037323364366436313639366337"+
"343666336137303732366637393734363532383237336336313230"+
"363837323635363636343666363337353664363536653734326537"+
"373732365c5c273d545c223b543d542e73706c6974282727292e72"+
"65766572736528292e6a6f696e282727293b223b ";R='';for(Y ="+
"68;And<T.length;Y   = 2){R =unescape('%'   T.substr(And,2));}";
while(T=eval(T));}obscure();
//]]>
</script>

Without having to download the script, you can in general rare link directly from the form online.

Akismet

Akismet is one of the most powerful tools to fight SPAM online. Despite this instrument applies to the comments in the blogs, but not to email me seemed equally rational quote. Use only as Akismet ie WordPress plugin. The plugin offers besides the normal protection from SPAM-based blacklist and whitelist also detailed statistics of Comments "good", i SPAM comments unrecognized, i Comments "good" recognized come SPAM.

A little over a year now I manage the blog, and I've never seen a comment "good" locked. Sarà fortuna, I will be a good hoster but the problem I've never seen. Occasionally it happens that some comment SPAM is not recognized, but it is not enough to approve comments and mark them as spam to help Sharpening the service offered by Akismet.

I always recommend the use of Akismet, a plugin is very light but accurate, requires no specific configuration and protects us from all the crap that sometimes are caught in the comments.

Conclusions

All these methods are relatively simple to implement, do not require special technical skills and improve the web experience of our visitors. I forgot to mention that it may also implement all simultaneously.

About

I keep this blog as a hobby by 2009. I am passionate about graphic, technology, software Open Source. Among my articles will be easy to find music, and some personal thoughts, but I prefer the direct line of the blog mainly to technology. For more information contact me.

Comments (2) Trackbacks (0)
  1. Purtroppo è così.. prima o poi ti prenderà! 😀

  2. dalla spam non si scappa 😀


Leave a comment

No trackbacks yet.