Hi,

sometimes I get non-sensual e-mails from my webform. An example (the form is german, but has the typically structure):

Submitted on Sonntag, 3. Oktober 2010 - 12:34 Submitted by user: Diese Werte
wurden eingegeben:: Ihre Nachricht: 6GQlZq href="http://bkdcjjcwbhsa.com/">bkdcjjcwbhsa,
[url=http://djvxkvmpcoor.com/]djvxkvmpcoor[/url],
[link=http://gqtpduripbbn.com/]gqtpduripbbn[/link], http://zloegktmjkpl.com/
Name: ipuxoodjs
E-Mail Adresse: uzmwkp@sckdsw.com
Telefonnummer: DCNkrzTwvBuN

Is there a possibility to filter such trash? I've thought about checking the e-mail address by a little testmail. Is there a module which offers that functionality? Or have you any idea for alternatives? The form-input above isn't from a spambot. It's from a brain-damaged user. How can we protect us against them? :-)

-j

Comments

quicksketch’s picture

You can install Mollom or CAPTCHA modules to prevent random garbage input.

jepster_’s picture

But with this captcha modules I cannot prevent from humans, which want to post garbage. The example post above seems to be not from a spam bot.

Michsk’s picture

why does it to you not seem to be a post from a spambot? Because it does look like a spambot post. You can also try to implement email_verify. But a captcha would be best practice.

spamjim’s picture

I'm pretty sure that is not from human input and would be stopped by the CAPTCHA module.

I see that same nonsense generated on a few Drupal sites I manage that do not use CAPTCHA. I never see it on sites I manage with CAPTCHA.

jepster_’s picture

Thank's for your answers!

I don't want to use a captcha, because I don't like them. They aren't user-friendly in my opinion. The e-mail verification module from http://drupal.org/project/email_verify sounds very interessting. Has anybody tried to use it with webform? If yes: is it possible to use that module easily, without writing a own module?

quicksketch’s picture

Category: feature » support

There is also http://drupal.org/project/webform_confirm_email, but it does not yet work with Webform 3.x.

I still think Captcha is the way to go here. If you don't like captchas, take a look at Mollom, which only shows captchas if it suspects that the post is spam. If it looks like a legit post, users aren't bothered to fill out the captcha at all.

spamjim’s picture

email_verify is still not a perfect solution. A spam bot or malicious human poster can still use a real email address (likely someone else's) in forms.

I like the optional challenges in the CAPTCHA Pack ( http://drupal.org/project/captcha_pack ). Beyond checking for human input, they can determine (through math or spelling challenges) if the poster is just plain dumb. :)

quicksketch’s picture

Status: Active » Fixed

Anyway I think we've covered the set of options available to prevent these posts.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

espirates’s picture

There should be a way to prevent urls in webforms. There's really no spam prevention in webform, makes me not want to use it because of that.