Gibberish spam - what does it mean?

It seems the bot is trying to spam through my contact form - an attempt to send hundreds of letters with PURE gibberish:

1vvQZe mnfxobzahiga, [url = http://dxicyigwtdyn.com/.BIZdxicyigwtdyn[/url] , [link = http://hhulyjnulbvz.com/†hhulyjnulbvz[/link] , http://nfggzmenyqcl.com/

I really try to avoid using captchas on my site, but it gets ridiculous.

  • Can anyone explain what these spammers are trying to do?
  • What lengths, short of a captcha, can I go to in order to detect them? Keep in mind that they switch IP address for each email.
+4
5 answers

A solution that often helps in the fight against spam, and that is used by several blog engines (I use it on my blog, and it is good), is Akismet: they provide a free service for personal use, and there is also a service for commercial use.

I have never used their API directly, but basically, I assume that you send it a comment and in return receive an indication of whether it is spam or not.

+1

Re: non-captchas:

1) Many times these robots try to provide a value for each input. So add an input to the form that has the CSS style display: none. Then, if the field has a value, you know that the sender was a robot.

2) Ask a simple question on your form: "What is 1 plus four:"

Added: For method 2, prepare for the answers "5", "Five", "five", etc.

+4

Most modern spam filters work on some form of Bayesian analysis: http://en.wikipedia.org/wiki/Bayesian_analysis

If these messages do not get marked as "bad" by the spam filter, they go into the "good" bucket, weighting in favour of a future real spam message (a Viagra advertisement, a Nigerian scam or something else) that also contains the same gibberish. So they are seeding your spam filter so that they can get past it later.

My thoughts were quickly supported by analysis on many sites with a simple Google search. See, for example, http://ezinearticles.com/?Gibberish-Spam-Email---Why-Do-Spammers-Send-It?&id=573584

+4

They can send test messages to the mailboxes they monitor to try to determine if your site can be used as a spam gateway. This is my suggestion.

Another possibility (as already mentioned) is that they try to improve the reputation of the IP address by sending apparently good messages from the server.


As for blocking them, their bots are usually very stupid. They do not parse HTML correctly, and they certainly do not read the form or support CSS. Add a field called "email" inside an element with display: none. Make sure this field is left blank by legitimate respondents, and the bots will almost certainly fill it in anyway. Rename your real email field to something else.

Then any form submission with a value in the field that should be empty is definitely spam and can be ignored.

Other options include using JavaScript (which is usually not executed) to fill in the hidden field, but this imposes more requirements on legitimate user agents (however, better than intercepting).

Provided that the technique you use is not too common or similar to those used by many other sites, the bots will not have a workaround for it.

+1

"What lengths can I go to without a captcha to detect them? Keep in mind that they switch IP address for each email."

For anyone who lands here in 2019 and beyond, I actually fixed just such messages in one of my own contact forms (among other things) with a simple test:

It sends me the e-mail as plain text, so there should be no hyperlink markup in it, regardless of whether a bot or a person sends it.

Thus, my form processing code simply checks for the presence of </a>, [/url] or [/link] and sends the user back with a polite message to replace link markup with bare URLs.

This one rule is enough to stop everything except maybe 6 bot spams per year, which seem to come from the same bot, which got lucky because it already used only bare URLs.

0
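
The hidden "email" honeypot and the quiz-answer normalisation from the earlier answers, together with the last answer's link-markup check, combined into one server-side function as an added example (not code from any of the posters). The field names `reply_to`, `quiz` and `message`, the verdict names, and the sample submissions are assumptions made for the example.

```python
import re

# "email" is the hidden decoy field (display: none); the real address field is
# assumed to be renamed "reply_to". "quiz" holds the answer to "What is 1 plus four:".
HONEYPOT_FIELD = "email"
QUIZ_FIELD = "quiz"
QUIZ_ANSWERS = {"5", "five"}

# Closing link markup: </a>, [/url], [/link]; case-insensitive, tolerating
# stray spaces inside the brackets.
LINK_MARKUP = re.compile(r"<\s*/\s*a\s*>|\[\s*/\s*(?:url|link)\s*\]", re.I)


def check_submission(form):
    """Return (verdict, reason) where verdict is 'drop', 'retry' or 'accept'."""
    # Honeypot: any value in the hidden field means a bot filled every input.
    if form.get(HONEYPOT_FIELD, "").strip():
        return "drop", "honeypot field filled"
    # Quiz: normalise so "5", "Five" and "five." all pass.
    answer = form.get(QUIZ_FIELD, "").strip().lower().rstrip(".")
    if answer not in QUIZ_ANSWERS:
        return "retry", "wrong answer to the quiz question"
    # Plain-text mail should carry no link markup; ask the sender to fix it.
    if LINK_MARKUP.search(form.get("message", "")):
        return "retry", "replace link markup with bare URLs"
    return "accept", ""


# Constructed sample submissions (example.com addresses, not real traffic).
SAMPLES = [
    {"email": "x@example.com", "reply_to": "x@example.com", "quiz": "qzv",
     "message": "kqzv [url=http://example.com/]kqzv[/url]"},
    {"email": "", "reply_to": "ann@example.com", "quiz": " Five ",
     "message": "Pricing page is down: http://example.com/pricing"},
    {"email": "", "reply_to": "bob@example.com", "quiz": "5",
     "message": 'See <a href="http://example.com/">this</A> page'},
    {"email": "", "reply_to": "", "quiz": "5",
     "message": "vvqz [ /LINK ] http://example.com/"},
]

if __name__ == "__main__":
    for form in SAMPLES:
        print(check_submission(form), "<-", form["message"][:40])
```

A honeypot hit is dropped silently, while the quiz and markup checks return 'retry' so that a person who tripped them can correct the form and resubmit.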

Source: https://habr.com/ru/post/1300957/

