It surprises me how much effort spammers put into their craft. DrQue.net hosts the site 'Drink'n Drano
' for a friend of ours, which has a guest book. Back in January, the guest book started getting solicitation posts. When it happened, I thought to myself "well, they must not have known the site doesn't even get 10 visitors a day (most of which are search engines)". Regardless, the spam was a nuisance. I did a search on google
for something like "php image number verification" and found this site
. I copied it almost line for line and in about 10 minutes, had it working.
Then, much to my surprise, said spammer decided the revenue opportunities presented by not even 300 visitors a month site were too great to pass up. They implemented some system to do OCR and continued their spam efforts.
I decided to put forth a little more effort. With a little searching, I discovered the term "CAPTCHA
" which is an acronym for "completely automated public Turing test to tell computers and humans apart". Through a good article on wikipedia
, I found several PHP captcha implementation. I selected "freeCap 1.4
" because it seemed to have the most readable text, while producing output similar to captchas deemed "pretty good" by PWNtcha
, a site devoted to decoding captchas with AI.
's guest book spoofs their IP address, using a different IP each request they make.
is licensed under GPL, I'm required to make public my modifications. You can download my modified version of freecap.php source here
My conclusions on the matter leaves me with one question: Why all the vain effort? Say I had given up and decided not to take additional measures with the guest book. There is no way that the effort needed to setup the spamming of an extremely low traffic site would have ever made enough/any money to warrant such work. Are spammers grasping at straws? Or are they just looking to turn the entire Internet into an irritating realm of scams and misinformation?