hi
Spam messages via my site have increased recently, where at least one spammer seems to enter messages via my site's contact form, despite enabled Captcha.
Spam seems to be sent twice a day entered via contact form at least the messages that i then receive look identical to any message entered via my site, i.e show as sender the email as registed with my site. The message body contains blabla and many links.
somehow i have trouble believing a spammer enters regular spam twice a day [b]manually[/b], hence i wonder is there a way to circumnavigate the Captcha somehow?
any advice as to how such spam can be avoided or reduced?
thanks
*floVision.net, zp/zenpage with custom theme adapted from zpBootstrap
thanks acrylian.
it is possible that someone enters spam manually, but it seemed a bit odd so i wanted to check with you all here. anyway, if noone has noticed a vulnerability then i guess that must be it and treat it as minor annoyance rather than critical.
message confirmation is disabled, but i do not see how it would help. if someone enters spam manually then they would also press confirm, or am i missing something?
thanks
The Zenphoto captcha uses a reversable encoding so in theory it is possible for someone to get around it if they can guess the seed used in the encoding. Besides that, people do make these requests manually. We get thousands of Spam messages a day. Since these users must get an e-mail from their registration it is hard to believe they are automota. Some people just have nothign better to do.
Anyway, Captcha never prevents SPAM, it only attempts to assure that the spam is posted by a person. For spam prevention you need a spam filter. There is a rutimentory one included and a few available that are supported by our users.