Please consider donating to the web site: use the Donate button.

How to stop www Form Spam

Spam robots that auto-fill www forms are becoming a huge nuisance. There are ways of detecting and blocking this spam, but mere blocking dpes not prevent it. There are ways of reducing the spam and eventually even stopping spammers sending it!

Anyone using a www form does so because they do not want to publish an email address as that will inevitably attract spam. It follows that people who use forms are anti-spam and the likelihood of any spammed form attracting business to the site are very close to zero! There can be no benefit to the spammer who spams the forms!

So why fo the spammers spam your forms?

It can only be that they have been conned into buying the robot program. The only persons making anything out of form spamming are the authors of the form-filing robot spiders. It is all a big confidence trick! The spammers are actually the marks!

This means that, with a bit of work, we can stop it happening.

How to stop Form Spam

You need to do a whois on the domain(s) of any URL(s) in the body of the spam. This will tell you the hosting company that the domain is registered with. The information will include the host's address, telephone number, fax number and probably an administration email address. Sometimes it nay take a bit of brain work, for instance the contact address may be that of the domain owner rather than the hosting site. But you can work out who the actual site hosts are.

Phone or fax or email the host. Send them the information that was spammed into your form.

I use a template email:

We are receiving www Form spam from a domain registered to you. Please sort it.

Like other people - I use a form because I do not want spam. So spamming a www form can never work and is plainly stupid!

Presumably someone has conned your client into buying a spamming program! Please make them see sense.

I have arranged for any further spam from this domain to be forwarded to you automatically.


Spam is as follows:

and I then quote the contents of the form.

Since doing this, I have yet to receive a second filed-in form from the same domain.

However, as it is very easy to detect a robot-filled form automatically, I do put in a line to the Perl form handler cgi program such as
$mailto = 'admin@host' if index (param("query"), "spammers.domain") > 0;
so future spams from this spammer automatically spam their own host!

Top of page

Page Information

valid-html401-blue Document URI:
Page first published Sunday the 9th of May, 2010
Last modified: Wed, 15 Jul 2020 21:21:49 BST