An alternative CAPTCHA - Page 4

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

Re: An alternative CAPTCHA

Quoted text here. Click to load it

I think that at the individual site level it is easier for a spammer to
manually type in the captcha code than write a script to break your form.
Unless there is a payoff to them for analysing your forms and writing a
program to break them, e.g. you are a high profile web forum or have a
broken mailform that can be used to proxy spam, then I think simple methods
are fine. In our case we are protecting a mailform to our enquiries person.
It is really not worth someone breaking the captcha code in order to be
able to spam the same person repeatedly! (Unless of course they had a
grudge against that person.) Analysis of our logs shows that of the
automated spam we have rejected over the last couple of years, not one even
tried to enter a captcha code. It seems that all the spambots simply
pressed submit and hoped for the best.

Having said that, as indicated in my previous post, my experience was that
this text captcha method did work on a major forum which was being attacked
by spammers, it seems it was easier for them to circumvent it by
registering forum accounts than to write a script to parse the HTML to find
the embedded captcha code.

Re: An alternative CAPTCHA

Quoted text here. Click to load it

Yes, that happens. Spammers are known to hire people for very little
money to do just that. My site also warns that I moderate the comments
and still I get manually entered spam. Some of which I report, and
sometimes with some effect (hosting provider drops spammer).
Quoted text here. Click to load it

My site has a high PR and links in comments are currently "follow". So
if your site is high profile, so is mine. Or: I don't think neither are
worth the effort.

Quoted text here. Click to load it

Yup, the majority of bots are really, really simple and often very bad
jobs (for example a lot fail on resolving relative URLs). This shows to
me that a majority of the comment spammers are the ultimate bottom
feeders in the spam world. And hence, that's why I now and then report
them. Since to people who can't even afford a decent programmer to write
a script moving from one domain to another hurts.

Quoted text here. Click to load it

See above. I have the feeling that a majority of those spammers just
work with a extremely cheap "SEO" service or have purchased a broken
script from someone, or more likely pirated it.

At my rate a basic spamming script would go around 400 USD or so
[1]. That money most likely buys one quite some manually entered links
on sites which have "follow" links, decent PR, and a lazy moderator.

[1] No.

John Bokma                                                               j3b

Blog:    Facebook:
    Freelance Perl & Python Development:

Site Timeline