Is there a CAPTCHA security change coming in 9.4 that could help cut down on the amount of spam bot emails that come through on the Contact Us pages? Alternatively, is there a modification we can make to enhance the security a bit so it cuts down on spam without creating a burden for customers? Thank you :)
Offline
This is the first report I've seen of spam coming through the contact form on sites. Is it bad? The captcha we're using is pretty basic, but a very good design.
Offline
We're getting about 90% spam in our Contact Us form. You can tell they're bots because they will use a first and last name in both name fields and many of the spam emails are duplications of the same stuff like... we can get your website to the top of search engines, backpacks for sale, and other nonsense.
Offline
On a further note, I have noticed that the CAPTCHA words appear much simpler than before and several words repeat often when I send test contact us and dynamic forms. It could be that it's not randomizing as much as it used to when the images were mixed case, included numbers and had overlaps with enough confetti to obscure the image.
I've also noticed different CAPTCHA patterns at other websites we use which include puzzle piece drags, selecting several images that are either related or not related to each other and images that force selection to identify a crosswalk, motorcycle or bus, etc.
Offline
Some of the captchas these days are horrible - they present too big a barrier for users to pass - especially on ecommerce sites. I've made a note to look at this for a release later this year. We're wrapping up 9.4 right now and it's locked in at the moment. In the interim, be sure to place those messages into your Learn Spam folder instead of deleting them. Over time SpamAssassin will get better at filtering them out.
Offline
Is SpamAssassin active on your server? The last I checked Webmail wasn't available in Siteworks. I use Gmail for my email client at the moment. Do you think Gmail would do the same as SpamAssassin?
Offline
SpamAssassin is active on all Kryptronic servers and can be tuned to work a little harder if it's letting SPAM through. It doesn't matter which email client you're using - or whether we have web mail active (which we don't for security reasons) - SpamAssassin works at a level before the mail hits your mailbox to identify/delete/mark SPAM. As long as you're connecting via IMAP you can teach SpamAssassin to recognize SPAM and HAM by putting messages in their respective folders when they come in. I.e.: Put SPAM not marked as SPAM in the LearnSpam folder, and good mails marked as SPAM in the LearnHam folder.
Offline
webmaster wrote:
This is the first report I've seen of spam coming through the contact form on sites. Is it bad?
Err:
https://forum.kryptronic.com/viewtopic.php?id=35509
Fortunately the spammer who was targeting my contact form eventually gave up and went elsewhere...
Offline
I'm also getting messages of new users registering but cannot find them in my users list - I noticed today that the latest was someone with an end of .ru - I get different 'new users' on a daily basis sometimes but can never see them in the users list - any ideas on a way I can deal with this please? tks
A new user has registered
The account details are below.
ID User Email Date
22 Bexlasles mironborisov@openhook.ru 2025-07-25T04:43:24
Offline
Our platform doesn't send a new user registered message, and doesn't assign numeric ids to users. This looks like straight-up SPAM that could/should be filtered out and/or disregarded.
Offline
Just to chip in, I get the exact same spam emails from four different multisites contact pages multiple times a day. They do get filtered out and don't bother me, but bots must be able to get past captcha.
Offline
I'm going to look into better spam filtering. My inbox has seen its share of funding approvals, loan requests, opportunities for cash, etc. the past few weeks, too. If people stopped clicking and buying into spam links the whole spam industry would just die off and make the Internet a better place. Ugh.
Offline
As per Rob's comments, agreed, we get the same from all four multisites.
Just to chip in, I get the exact same spam emails from four different multisites contact pages multiple times a day. They do get filtered out and don't bother me, but bots must be able to get past captcha.
Offline
What we're seeing appears to be human behavior, at least on the first attempt, then bots resubmit the forms on their own. Possibly. Digging into this. Thanks for the extra info.
Offline