[nycphp-talk] PHP script needs some filter help
Gary Mort
bz-gmort at beezifies.com
Mon Sep 17 10:07:38 EDT 2007
Christina Karlhoff wrote:
> Hi Gary,
>
> Thanks, I appreciate your insight.
>
> At the moment, I'm afraid that I am not privvy to the correct
> implementation of php code to track a user's submission...
>
I make it up as I go along. :-)
You have a PHP form that sends an email.
So, at the very least, find where the mail is sent to the internal
user(don't do this for the copy sent to the submitter, assuming you are
sending a copy to the submitter which, if your getting spam, is a very
very bad thing to do)
Assume that your message is stored in a text variable called $message.
$message .= " The submitters ip address was ";
$message .= $_SERVER[’REMOTE_ADDR’];
$message .= " and the secret code is YoLarry";
The point of this little bit of text is twofold:
1) It will tell you the ip address of the system that is submitting spam
through your form.
2) The secret code is just a stupid little phrase to add so that the
email came through your own form generator. As you may have someone who
is spoofing the address the form generator uses but sending spam
externally(ie your form may be fine and it may be something outside of
PHP causing the problems).
Note: A better solution is to add those 2 items to the header, not the
email body. Plus adding some extra tracking info, a cookie, the browser
type, capabilities, etc. Basically, track your submissions and find out
what, if any, is unique about the spam submissions that can be used to
filter it.
What I would really do at that point is manually create the message id
and store that in a database somewhere and do some reconcillation
between the spam email and the emails generated by the form to ensure
their the same.
Basically, the main point I'm making is that right now your getting
spam. You think it comes from this form. Make SURE it comes from the
form itself before you go spending time trying to figure out how to stop
the form from sending spam. Also note that if you are getting spam, you
may not be the target of the spam. If you allow someone to CC themselves
on an email, what you may have is a spammer who is trying to send spam
to other people(by claiming to be them and asking to be cc'd on the email).
This is a quick and dirty troubleshooting step, not a long term
solution. A long term solution would be to build a more comprehensive
tracking system for the emails, make sure it is as secure as possible,
and take things step by step. (if you absolutely HAVE to allow everyone
to send email to you through this form, you could send submitted emails
through a spam filter and quarantine the spam on the server and just
send the users a report every few hours "X new emails in Quarantine".)
More information about the talk
mailing list