Hi,
sometimes I get non-sensual e-mails from my webform. An example (the form is german, but has the typically structure):
Submitted on Sonntag, 3. Oktober 2010 - 12:34 Submitted by user: Diese Werte
wurden eingegeben:: Ihre Nachricht: 6GQlZq
href="http://bkdcjjcwbhsa.com/">bkdcjjcwbhsa,
[url=http://djvxkvmpcoor.com/]djvxkvmpcoor[/url],
[link=http://gqtpduripbbn.com/]gqtpduripbbn[/link], http://zloegktmjkpl.com/
Name: ipuxoodjs
E-Mail Adresse: uzmwkp@sckdsw.com
Telefonnummer: DCNkrzTwvBuN
Is there a possibility to filter such trash? I've thought about checking the e-mail address by a little testmail. Is there a module which offers that functionality? Or have you any idea for alternatives? The form-input above isn't from a spambot. It's from a brain-damaged user. How can we protect us against them? :-)
-j
Comments
Comment #1
quicksketchYou can install Mollom or CAPTCHA modules to prevent random garbage input.
Comment #2
jepster_But with this captcha modules I cannot prevent from humans, which want to post garbage. The example post above seems to be not from a spam bot.
Comment #3
Michsk commentedwhy does it to you not seem to be a post from a spambot? Because it does look like a spambot post. You can also try to implement email_verify. But a captcha would be best practice.
Comment #4
spamjim commentedI'm pretty sure that is not from human input and would be stopped by the CAPTCHA module.
I see that same nonsense generated on a few Drupal sites I manage that do not use CAPTCHA. I never see it on sites I manage with CAPTCHA.
Comment #5
jepster_Thank's for your answers!
I don't want to use a captcha, because I don't like them. They aren't user-friendly in my opinion. The e-mail verification module from http://drupal.org/project/email_verify sounds very interessting. Has anybody tried to use it with webform? If yes: is it possible to use that module easily, without writing a own module?
Comment #6
quicksketchThere is also http://drupal.org/project/webform_confirm_email, but it does not yet work with Webform 3.x.
I still think Captcha is the way to go here. If you don't like captchas, take a look at Mollom, which only shows captchas if it suspects that the post is spam. If it looks like a legit post, users aren't bothered to fill out the captcha at all.
Comment #7
spamjim commentedemail_verify is still not a perfect solution. A spam bot or malicious human poster can still use a real email address (likely someone else's) in forms.
I like the optional challenges in the CAPTCHA Pack ( http://drupal.org/project/captcha_pack ). Beyond checking for human input, they can determine (through math or spelling challenges) if the poster is just plain dumb. :)
Comment #8
quicksketchAnyway I think we've covered the set of options available to prevent these posts.
Comment #10
espirates commentedThere should be a way to prevent urls in webforms. There's really no spam prevention in webform, makes me not want to use it because of that.