[clue-tech] HTTP method specifications
Jed S. Baer
thag at frii.com
Fri Nov 25 09:50:09 MST 2005
I'm looking into a spamming problem with the contact form on the CLUE
website.
Some of you might have noticed that there is now a CAPTCHA field in the
contact form, which will screen out spambot form submissions. In working
with this, I have also included another little filter, which is catching a
lot of crap as well. What's interesting about it is that in checking my
logging, it's pretty clear that whatever spambot is throwing POST requests
at our contact form has not been customized or targeted to it. So it looks
like someone is attempting to use a known attack against some other
well-known off-the-shelf contact form, or something like that.
Anyways, while I believe that the overall problem is solved -- i.e. random
people, or maybe only Jeff, aren't getting spammed via the contact form --
I'm still looking for a more robust way to catch spambots and ignore them.
Currently, I'm logging in order to see whether legitimate e-mails are
getting trapped (so far, none, AFAICT), and I want to get to the point of
not feeling as if I need to do that.
So, I'm looking for a good description of how the HTTP post specification
works. Something other than the W3C RFC. A google search just brings in
too much other stuff.
TIA
jed
--
http://s88369986.onlinehome.us/freedomsight/
Key fingerprint = B027 FEFB 4281 CC72 67D1 4237 F2D0 D356 077A A30E
... it is poor civic hygiene to install technologies that could someday
facilitate a police state. -- Bruce Schneier
_______________________________________________
CLUE-tech mailing list
CLUE-tech at cluedenver.org
http://cluedenver.org/mailman/listinfo/clue-tech
More information about the clue-tech
mailing list