We have a persistent spammer using a general contact webform. He has switched IP's and used different email addresses but with the same extension @anemailaddress.com. Under Access Rules we have denied the various IP's. Anonymous access is given to view and submit the form.

How can we have the webform email field checked by access rules to see if %@anemailaddress.com is denied?

Comments

quicksketch’s picture

quicksketch
he/him
commented

You can use Webform Validation module to set up a validation rule against that domain, but that will make it pretty obvious that you're attempting to block that user. I'd suggest using some of the built-in hooks to Webform or using hook_form_alter() to delete the submission as soon as it comes in (essentially silently discarding it), but implementing something like that will definitely require custom code.

quicksketch’s picture

quicksketch
he/him
commented
Status: Active » Closed (fixed)