less spam on blogs

And no it’s not a better solution than Akismet, but will do against spam bots…

This is for the ones that host blogs/create a blog and don’t have a spam protection module at it. Maybe you’ve seen this type of protection before (and sure you have; ex: www.darknet.org.uk). Have you guessed it by now? Yes, it’s the “number adding protection”, when you have a last field in a comment form where you have to add 2 numbers (could be even 1mil if wanted, but than who would post comments?).

The most simple method is the following
—
<?php
$n1 = rand(0,20);
$n2 = rand(0,20);
$sum = $n1 + $n2;
echo(“<input type=\”hidden\” name=\”sum\” value=\”$sum\”/>”);
echo(“<input type=\”text\” name=\”add\” value=\”\”/> result $n1 + $n2?”);
?>
—
And on the form parsing page
—
<?php
$sum = $_REQUEST["sum"];
$add = $_REQUEST["add"];
if($sum==$add) {
    //parse the form submited
}
else {
    header(“Location: http://somewebsite.com”); //redirect (if follows)
    //to a not so prefered blog (the bot)
}
?>
—
This would be one way to do it, and the lass good, because the bot could be taught to retrieve the value of the sum field, and the whole protection would be of no use. The next method is based on the same tehnique, only that it uses javascript (there are cases when users have deactivated javascript, or by example use NoScript). No php required in this case…
—
<html>
<head>
<script type=”text/javascript”>
n1 = Math.round(Math.random()*20);
n2 = Math.round(Math.random()*20);
sum = n1 + n2;
document.getElementById(“sum”).innerHTML=”result “+n1+” + “+n2+” ?”;
function formSubmit() {
    if(document.forms[0][0].value==sum) {
        return true;
    }
    else {
        alert(“Lack of math skills!”);
        return false;
    }
}
</script>
</head>
<body>
<form action=”somepage.php” onsubmit=”return formSubmit()”>
<input type=”text” name=”add” value=”"><div id=”sum”></div>
<input type=”submit” value=”submit”>
</body>
</html>
—

E(n)D
Of course as always, you can mix them, or even use this method for displaying your emails(only the second one) because those damn bots can’t parse javascript code… anyway feel free to thrown in some interesting ideas, creative ways to stop spam via html/javascript/php code…

mailbombing – a myth or a legend

Yes… those where the times…

I don’t know how many of you where in the mailbombing scene (shouldn’t even name it scene)… but there where groups of people who formed small comunities (let’s call them this way) of mailbombers.

And it was easy to mailbomb… what times… nowadays true mailbombing doesn’t exist…
What do I call a true mailbombing? An attack that could render useless your email address…

How could this happen? We can only make some asumptions, because in a different days than nowadays when webmail services (such as Yahoo) had to process many emails at once, they pushed hard and processed them; as of nowadays (I assume) they que emails if they come at a high rate (at least gmail does). Another reason why this could happen (refering to the old yahoo also) was because the limit of 6mb per email address (nowadays being virtualy limitless)…

And a small theory: We (as I and some other folks that used to mailbomb) used to assume that the Yahoo! webmailed service worked in such a way that if a specific email address would have surpased it’s 6mb limitation than that email would no longer be used… It’s just a theory, nowbody proved it, but it seemed to work…

Those where the times… when you used apps like HakTek, Avalanche (other programs existet)… or if you used Linux simple mail scripts…

A myth or a legend… nobody knows…

Take a look on how nowadays mailbombing works… sweet but not as effective…e-mail bombing in informationleak way/