Home General support

spam via contact form

flo Member
in General support
hi

Spam messages via my site have increased recently, where at least one spammer seems to enter messages via my site's contact form, despite enabled Captcha.
Spam seems to be sent twice a day entered via contact form at least the messages that i then receive look identical to any message entered via my site, i.e show as sender the email as registed with my site. The message body contains blabla and many links.

somehow i have trouble believing a spammer enters regular spam twice a day manually, hence i wonder is there a way to circumnavigate the Captcha somehow?

any advice as to how such spam can be avoided or reduced?

thanks
*floVision.net, zp/zenpage with custom theme adapted from zpBootstrap

Comments

  • acrylian Administrator, Developer
    It might be that he indeed enters them manually. Sometimes people are hired to do these things strangely. Then there is no way around.

    Do you have the confirmation active? I don't remember we ever got any spam on our own site.
  • flo Member
    thanks acrylian.

    it is possible that someone enters spam manually, but it seemed a bit odd so i wanted to check with you all here. anyway, if noone has noticed a vulnerability then i guess that must be it and treat it as minor annoyance rather than critical.

    message confirmation is disabled, but i do not see how it would help. if someone enters spam manually then they would also press confirm, or am i missing something?

    thanks
  • acrylian Administrator, Developer
    Yes if someone does that manually sure. But probably not if indeed automatic spam that might be able to use the captcha correctly. They might not think of having to confirm, Maybe just try it. These techniques always improve as well sadly (and naturally).
  • sbillard Member
    The Zenphoto captcha uses a reversable encoding so in theory it is possible for someone to get around it if they can guess the seed used in the encoding. Besides that, people do make these requests manually. We get thousands of Spam messages a day. Since these users must get an e-mail from their registration it is hard to believe they are automota. Some people just have nothign better to do.

    Anyway, Captcha never prevents SPAM, it only attempts to assure that the spam is posted by a person. For spam prevention you need a spam filter. There is a rutimentory one included and a few available that are supported by our users.
Sign In or Register to comment.