Because accessibility benefits everyone
Web Accessiblity and Spam
Hello WAK (Web Accessible Kentucky),
I'm hoping someone out there could offer some suggestions as to how to deal with a problem we have. You see, our agency has a number of necessary online forms at our web site, running on Linux and Apache, which utilizes some Perl cgi scripts to email the completed forms to the right people. This works really well for us, but lately we've been experiencing a surge in spambots flooding our email with spam via these cgi scripts. We don't normally have problems with spam as COT (Commonwealth Office of Technology) apparently has some very effective spam filters in place. However, because these problem emails are being forwarded by our web site's cgi scripts, the spam filters are assuming that they are legitimate so they are allowed to pass.
One solution in dealing with this problem is to utilize a CAPTCHA, human readable graphics used to determine whether the poster is human. This would be quite useful in stopping spam robots from flooding our email with spam, but it poses a new problem, it isn't web accessible to people who have vision problems. I have good vision and sometimes I even have problems reading these CAPTCHA graphics, I can't imagine how frustrating they would be for people with poor vision.
So, my question is, are there any web accessible alternatives to dealing with these spambots? Personally, I have never cared for CAPTCHA as they add a certain nuisance to the web site experience, but they do seem to be a necessary evil at this point. I'm wondering if there's a less annoying way of determining whether the poster is not a spambot?
Any help would be appreciated!
Jim
I'm hoping someone out there could offer some suggestions as to how to deal with a problem we have. You see, our agency has a number of necessary online forms at our web site, running on Linux and Apache, which utilizes some Perl cgi scripts to email the completed forms to the right people. This works really well for us, but lately we've been experiencing a surge in spambots flooding our email with spam via these cgi scripts. We don't normally have problems with spam as COT (Commonwealth Office of Technology) apparently has some very effective spam filters in place. However, because these problem emails are being forwarded by our web site's cgi scripts, the spam filters are assuming that they are legitimate so they are allowed to pass.
One solution in dealing with this problem is to utilize a CAPTCHA, human readable graphics used to determine whether the poster is human. This would be quite useful in stopping spam robots from flooding our email with spam, but it poses a new problem, it isn't web accessible to people who have vision problems. I have good vision and sometimes I even have problems reading these CAPTCHA graphics, I can't imagine how frustrating they would be for people with poor vision.
So, my question is, are there any web accessible alternatives to dealing with these spambots? Personally, I have never cared for CAPTCHA as they add a certain nuisance to the web site experience, but they do seem to be a necessary evil at this point. I'm wondering if there's a less annoying way of determining whether the poster is not a spambot?
Any help would be appreciated!
Jim
Replies to This Discussion
-
Permalink Reply by Chris J. Davis on -
You need to do some basic processing of your content before it makes it to the email phase. Things like:
* Checking how many URLs are in the body, more than 2 is spam.
* Is the from address all numbers, if so it is spam.
* Do a regex check for BBCODE, if you find some, its spam.
My personal site is fairly high trafficed, I get somewhere between 1,000 and 2,000 spam comments every day. Using the checks above, plus a few more, I filter out 99% of it. Using the correct technology to process and filter your content makes captchas irrelevant.
I could share some of the code my OSS blogging project uses if you would like. It is PHP but easily ported to a language like Perl.
-
Permalink Reply by Jim Rivard on -
Thanks for your reply Chris.
We're currently using Soupermail, are you familiar with it? It's a Perl cgi script and my Perl isn't anything to write home about, I'm more of a Python man. I can probably hack the code, but I'm not really sure how to apply your suggestions.
It would be great if you could show me how you do it in PHP. Hopefully I could get some ideas.
A little OTT, but I also need to figure out a way to have these scripts work with our upcoming new Oracle database. I know next to nothing about DB, but my boss wants me to have all completed forms entered into the DB. Do you have anything like this in your code?
Thanks again for your reply, sorry it took so long for mine, but I've gotten busy in the last few days.
Cheers!
Jim
-
Permalink Reply by Ron Yoder on -
Jim,
Are there any auditory-based captcha applications out there? This might be an accessible solution for vision impaired users.
Ron Yoder
EKU Web Communications
-
Permalink Reply by Chris J. Davis on
-
Hey Jim,
Don't sweat the time lapse, I think it is safe to say we are all very busy in Higher Ed ;) So lets see here...
I am not familiar with the product you are using, but a good rule of thumb when looking for OSS code to use in a project is how long ago was it last updated? The code you are using was last updated 7 years ago. That would make me very uncomfortable from a sustainability standpoint. Any project that hasn't had at least a maintenance release in the last 6 months is dead in my opinion.
I will try to put something together for you to look at as soon as I can.
Ron,
There are quite a few audio-based CAPTCHA solutions out there, but they are miserable. I have decent hearing (I stood too close to the amps in the 50 bands I was in while in college) and I usually can't understand what is being played.
© 2009 Created by Ron Yoder on Ning. Create Your Own Social Network
