Preventing Spam Coming From Your Webform

Spam is a common problem with forms on websites (such as signup or registration forms), and it pays to be very proactive about preventing malicious form submissions.

The following techniques can greatly reduce the likelihood of spam being sent:

  1. Use a CAPTCHA code in your registration forms. Google's Recaptcha is one example.
  2. Use the Cleantalk plugin or API to check form submissions. We highly recommend this, especially if you are not using Google's Recaptcha solution. A good way to tell if Cleantalk's solution will help, is to search on their website for a few of your spam complaint email addresses (view these in your SMTP2GO App on the 'Reports > Activity' page, using the filter to show just spam events) to see if they show up in Cleantalk's database. Alternative options include Botscout or StopForumSpam.
  3. Use a double opt-in registration process. This prevents repeat spam being sent to inappropriate email addresses.
  4. Limit the number of registrations from each IP address.
  5. Block IE6 (and earlier). A lot of spam is sent by zombie computers that have been hijacked by a botnet and are using IE6 or earlier. See an example script for VBulletin. Incidentally, if you are using VBulletin, you should use an anti-spam plugin.
  6. As mentioned here, provide a text field that is hidden from human users with style="display: none", but with an enticing name like email. Most bots will fill in something in this field, and you can filter based on that. Also mentioned here.
  7. Read the forums of the above sites to find alternative measures which may help reduce malicious registrations.

Was this article helpful?