More data is in.
I have proven some more relevant data:
1) Most spam bots are "all purpose" bots. Meaning that they will search for email addresses to spam, search for forms to spam, and look for known exploits on a website to sell.
2) Spam bots are stupid.
So, what do we do about it?
I propose a two channel method: Defense and offense.
Defense
There are countless ways to prevent spam. My personal favorite is to require JavaScript to complete the form. By this I mean, use JavaScript to change the "action" attribute of the form from a fake file to a real one on load, and if JavaScript is not enabled, inform the user that JavaScript is required, or default to a standard CAPTCHA.
Offense
It is not often that we can directly attack spam bots, or spammers themselves. I propose a simple solution: Let them gorge themselves on email addresses registered to known spammers.
Spam bots work by looking on every website for anything formatted like an email address, they then test the address to make sure it works and add it to a database. The database is then sold to the highest bidder.
So, deciding that this is totally not cool, I wrote a simple script that will provide spammers with all the email address they want- up to half a million of them.
One problem for them, these are all known spammer email addresses.
They will think they just scored 500,000 email addresses, but they will only be spamming themselves.
Download Spammer Jammer Script
I have proven some more relevant data:
1) Most spam bots are "all purpose" bots. Meaning that they will search for email addresses to spam, search for forms to spam, and look for known exploits on a website to sell.
2) Spam bots are stupid.
So, what do we do about it?
I propose a two channel method: Defense and offense.
Defense
There are countless ways to prevent spam. My personal favorite is to require JavaScript to complete the form. By this I mean, use JavaScript to change the "action" attribute of the form from a fake file to a real one on load, and if JavaScript is not enabled, inform the user that JavaScript is required, or default to a standard CAPTCHA.
Offense
It is not often that we can directly attack spam bots, or spammers themselves. I propose a simple solution: Let them gorge themselves on email addresses registered to known spammers.
Spam bots work by looking on every website for anything formatted like an email address, they then test the address to make sure it works and add it to a database. The database is then sold to the highest bidder.
So, deciding that this is totally not cool, I wrote a simple script that will provide spammers with all the email address they want- up to half a million of them.
One problem for them, these are all known spammer email addresses.
They will think they just scored 500,000 email addresses, but they will only be spamming themselves.
Download Spammer Jammer Script