Back when you could sign up to get email notifications of updates around here, I noticed some spammers were attempting to abuse the script [1], and after playing [2] around [3] with it, I decided to scrap that feature [4], but later mused on using a reverse captcha to keep spammers at bay [5].
But while I dont' have comments, I do invite comments [6] on another website I control [7]. And that form is now getting spammed (and like my former Obligatory Email Notification, the only one who sees anything is me).
Heavily.
And when they're not hawking 3″ mortgage extensions, I get incomprehensible stuff like:
Name: embohette
Email: gorgiovgit@list.ru
Comment: <a href="http://salihome.info/show/index.html">Three hip-hop artists have key parts in American Gangster.</a><br> <a href="http://oscines.cn/myspace-layout/index.html">Andre 3000 takes a turn with Charlize Theron in Battle in Seattle.</a><br> <a href="http://myspace-layout.tripod.com/">Robert De Niro and Al Pacino reunite next year in the crime drama…</a><br> <a href="http://rigolu.cn/sex-portal/main.html">MORE big screen… </a>
Submit: Panic
So I decided to put my “reverse captcha” theory to the test. I added a non-displaying <TEXTAREA> to the form, and if it's changed in any way, I ignore the submission. I'm curious to see how long it takes the spammers to adapt, if any bother.
[6] http://www.hhgproject.org/contact.cgi