Fighting spam: Spam-free guest book
The guest book as a means of providing feedback
You are operating a web site and want to grant your visitors the option of
immortalizing themselves one way or another and maybe also leave a comment?
Then you have the option to do so by integrating a guest book.
Some providers of web space offer the opportunity depending on the online
package chosen to integrate a guest book by means of predefined modules, which
can normally be done rather easily. However, you don't have this option at your
disposal when you can occupy the web space that you have booked at your
discretion or you have rented an entire server. In this case you yourself have
to make use of Perl or PHP and create all the necessary scripts for displaying
the guest book and generating entries entirely on your own.
Nothing could be simpler, one might want to think, especially if you are reasonably well-versed in script languages: The entire logic can be put into a single script, and the entries can easily be stored and recalled with a MySQL database. Now you have neatly established a means for your guests to leave comments, surprises included...
to the topMany greetings from Mister Spammer!
You might find yourself wondering about the content of some entries when
reading the comments that have ben written to your guest book, and you probably
ask yourself how money investments or selling potency medicine, but also online
casinos or (usually questionable to outright illegal) downloads of files, are
supposed to be linked to your web site. In this case you have been visited,
indeed, but unfortunately it has been from that kind of person that nobody
wants on his site: Spammers.
Wherever they can dig up an opportunity to disseminate their digital junk they
are inevitably going to use it without bothering with whether or not they are
severely getting on other people's nerves. The only thing they take interest in
is how to best disseminate their offers which are usually dubious at best.
In order to spread their digital junk spammers, aside from a few exceptions, make use of bots that search the Internet for forms that they may use to publish their digital refuse, and they seem to be rather successful with this. A close examination of the situation reveals that the problem has rather become worse than better, and even the number of spammers seems to be on the rise.
But since you don't want to have this digital refuse in your guest book, you have to get rid of it somehow, and this is normally done by removing the entries in question from your database. No sooner said than done, after you have dealt with the problem, the guest book is once again free of refuse. But, alas, the joy about this lasts for a short term only...
to the topTilting against windmills?
Once spammers have located a rewarding target, they are going to return over
and over again and “gratify” you with new entries that are supposed to direct
your visitors to some dubious sites, requiring cleansing of your guest book all
over again. Even worse: Your open guest book is very soon known of in the
spamming community so instead of tapering off the volume of the spam
distributed by using it is even increasing, and no matter how much effort you
put into keeping your guest book clean the next entry is going to show up,
offering maybe questionable downloads e. g. of some movie or another instead of
potency drugs – however, in this case things could get particularly nasty for
you...
However, there is still one question: How is this problem to be tackled if one
doesn't want to eternally feel like Don Quixote constantly tilting against
windmills? Just closing the guest book is out of the question for you, because
you didn't put so much effort into this to just shut it down again.
Pull the emergency brake!
The point here is to rig the script responsible for the guest book in such a way that spam is preferably blocked without interfering with any normal use of the guest book. To do so it is necessary to implement viable protective measures that are entirely transparent to regular users, that is, they are preferably completely unnoticeable. From this point of view captchas are a complete no-go, because they aren't transparent at all for a user, but instead turn out to be an insurmountable obstacle even for those not suffering from amblyopia. Other means of fighting spam must therefore be found.
There
are excellent instructions that deal with exactly this problem. I'm making
good use of the techniques described therein, but I have greatly enhanced them
to increase their effect, and so far no spam has come through.
You can quickly get your guest book spam-free as well with similar methods. And
should there be any spam that gets past your defenses, it is a lot easier to
get rid of the problem than when you are flooded with nonsensical entries.