tags:

views:

64

answers:

3
+1  Q: 

Would this anti-spambot method work?

I am not too familiar with how spambots work.

I had a thought on stopping spambots and would like to know if it will work or not.

When a user registers, instead of sending a comfirmation email to their email address, user would be shown a link right after the form is completed. User must click on the link to complete registration.

Now, i ask if this may not work because I don't know if spambots follow links after submitting a form.

If they do indeed follow links after a form, what about inserting the link into the DOM dynamically via jquery or so, so the uri would never be in the DOM and, ideally, the bot would not be able to follow it.

Thank you.

+1  A: 

I would assume that if someone really wanted to mess with your site, they could build a bot to follow that link.

Furthermore, googlebot works by following links to help it index the entire internet, so it is 100% possible that a robot could be programmed to use a link like that.

As for using jQuery or any kind of JS, it might slow them down, but if someone really wants to get into your site, they will find a way past it.

Implementing something alone the lines of http://recaptcha.net/ might be more worth your time in securing your website from robots.

Scott S.  2009-10-17 04:05:11
+1  A: 

No matter what you do, if your site or software is popular enough, someone will eventually write a spambot that will know how to exploit it. Furthermore, they may just get real humans to register, and then use those accounts for spamming later.

Brian Campbell  2009-10-17 04:06:27
+1  A: 

The suggestion to dynamically alter the DOM is clever, because it effectively makes the "screen-scraping" task harder. However, most modern spambots and more generally crawlers have started to embed javascript interpreters and other modules from normal web browsers, lest they'd start being unable to read pages with all the dynamic changes (ajax, jquery-type rewriting and such) that is now commonplace on many sites.

As suggested in other responses, it is difficult to prevent very motivated parties to automate application access, one can only hope to "slow them down".

mjv  2009-10-17 04:16:46

related questions

Apache shutting down unexpectedly
Tools to create a Spam Checker Service in Java or Python
How to stop spammers from getting the email address from a mailto link?
Heuristics to discover spammers/bots (In forums, blogs etc).
Email obfuscation question
What is the best way to programatically detect porn images?
Detecting a (naughty or nice) URL or link in a text string
Good non-intrusive anti-spam email obfuscator?
OpenID a lucrative target for spammers?
What's the most straightforward way to delete emails marked as spam by SpamAssassin?
Bayesian spam filtering library for Python
Best way to send email from my web app so it looks like it came from my users account
How do I protect my forum against spam?
What's the best open-source Java Bayesian spam filter library?
Upgrading Mailman with PGP authentication to prevent spam
Blacklists, Whitelists, Spam Folders and Email
Are there any alternatives to recaptcha.net, for stopping spam?
What is the best way to do basic View tracking on a web page?
How can I use PHP to obfuscate email addresses so they are not easily harvested by spammers?
How can I find the Largest Common Substring between two strings in PHP?
Best language choice for a spam detection service
What is the best method to keep bots from spamming your blog?
What can be done to prevent spam in forum-like apps?
Prevent site data from being crawled and ripped
When the bots attack!