Captcha and spam going true the roof

4 replies · opened Jun 18, 2020

Ddata0Jun 18, 2020

Hi Semi,
My site build on canvas is doing great with my customer but I get mails every week that his incomming form-spam is taking huge jumps.
As far I am aware, honeypot does a little, and I add the captcha, but still the form does bring spam to the table and I hae spend hours and hours for days and days to see what is causing this. After weeks i receive a message from my customer that google mailserver giving him a report on spam incoming from his e-mail, this suggest that there is something wrong with the form. I add a screenshot of the message and asked the client for a detailed report on this matter. Is there a little list of checks I can walk trough to see If all the correct steps taken to avoid the most spam?
Looks like captcha for instance is orrectly functioning but certainly does not lower form submissions so it looks like its not effectivly working 100%?

I Found it someting at google form other users talking about input fields not beeing correct in the form, look at screenshot, maby this tells you more of my clients problem? I hope you have time to take a look into the files, this spam problem rocking from the start of site live use so my customer is never fully satisfied and that breaks my heart after working so hard and buying canvas to avoid bad coding.

Kind regards and much hope,
Camiel

SSemicolon WebSTAFFJun 18, 2020

Hello,

Apologies about the Inconveniences caused!

There have been no reports related to SPAM with the Forms/Codes included with Canvas as there is nothing extra or any bad codes that would let the SPAM through. However, the Forms Processor included with Canvas is designed to protect against only Bot SPAMs, not Human SPAMs. Even reCaptcha and HoneyPot can only detect BOT SPAM, so if a Human tries to send SPAM, it cannot be detected by the Google reCaptcha or the HoneyPot. We are using the same Forms Processor using a Gmail SMTP on Our Live Demos where there are more than 50 Forms demonstrated on different Templates and all of them use the single include/form.php File. We never receive more than 50-60 Emails (screenshot attached) in a Single Day from different Demos which has hits from 1600-2000 Unique Users every day and all of them are delivered to the Inbox (not SPAM Folder). Google has never reported any SPAM activity for Our Email Address and this is since January 2019, when the Forms Processor was first launched.

Now, in the Screenshots you have provided, the User clearly says that one of the Users and not many is reporting as SPAM or there is some Filter which is causing the Email to be reported as SPAM. This could be anything. This could be something related to some keyword which that user might be filtering, which we have no control on. Also, in the Screenshot from GSuite, it says that 1 Recipient reports the SPAM. So we are not really sure what is actually happening as we have never received any reports related to this. Also, can you please let us know how what is the actual workflow of your Form and why is the User receiving the Email which they are reporting as SPAM? Thanks for your Patience.

Additionally, in case of Human SPAM you can now edit the $spam_keywords Array in the Latest Version of Canvas in the include/form.php File to add the words you want to block.

If the words are found in any Field on your Form, the Processing will be stopped and the response will not be sent. However, it will still show a Successful Message to the User so that they don’t know what is going on behind the hood which will prevent them from finding another way of sending SPAM.

Meanwhile, do let us know if we can help you with anything else or if you find any further issues with Canvas.

Ddata0Jun 18, 2020

Thanks for the full reply on this issue and the first thing that comes to mind is that there is clearly more human-activity going on.
Actually recently delivered the site to my customer running the previous version of the theme which is not empowered with this "work-block" feature that is genius but I am nowhere able to find out how I simply can attach this feature to the site and not have to upload the whole new version since I have changed a lot in the directory's and for now my only goal is to prevent this spam problem.

Before I go further into detail on the questions asked I wonder if there is a simple solution to add the words-block tool to the mailform of the previous canvas version? I Add the PHP form file to this ticket.

Kind regards,
Camiel

SSemicolon WebSTAFFJun 19, 2020

Hello,

Simply replacing the include/form.php (except your Email Settings) with the Latest Version will work fine.

Hope this Helps!

Let us know if we can help you with anything else or if you find any further issues.

Have the same question, or something new?

Sign in to the Canvas dashboard to reply or open your own topic. Canvas owners get direct help from the SemiColonWeb team.

Reply on the dashboard