Ask HN: How contact form can be protected from abusing by spammers?
I regularly receive a lot of spam and have noticed some pattern. Spammers seem to use publicly available contact forms on random (rather credible) websites. These forms send confirmation message to the specified email on form submission.
Is there a way to protect such publicly available forms from spammers? Is *captcha the only way to do this?
Using something like CSRF token doesn't seem to solve the problem.
3 comments
[ 3.0 ms ] story [ 20.5 ms ] threadI don't remember where I saw this trick a few years ago, I didn't think of it myself. It has worked pretty well on multiple sites that have exposed "Contact us" forms.