In news:hnuaf5+ACQ-8tp+ACQ-1+AEA-DailyPlanet.news.netobjects.com,
Pete +ADw-pjb120255+AEA-yahoo.com+AD4- typed:
+AD4- I have a form which is being abused sometimes with foul
+AD4- language and I need a way to trace where the forms are
+AD4- coming from. The current form is in asp under site
+AD4- preference so when it arrives at the moment it is from the
+AD4- address I dictated on set up. What I need to do is find out
+AD4- who is sending the mail without them knowing, I am only a
+AD4- basic net objects person nothing to technical please if
+AD4- that is possible. Thanks Pete

I could be wrong, but I've never heard of ASP being good at
forms protection. PHP is the usual choice IMO since it hides
all the serious activity on the server-side and the user never
gets to observe what you're doing. Unless they're behind a
good proxy, it's almost trivial to get hold of their IP during
the form-filling process, get the ISP being used (legally or
illegally), and in the extreme even trace it back as far as
the user, assuming you find a friendly and white-hat ISP
that's serious about protecting their customer's interests.
PHP handles those things readily in most cases, depending on
the version used.

If vulgar language is your biggest problem, it's not really
much of a problem. It'll get to be a lot bigger problem
if/when someone suddenly starts to use your forms etc. for
sending spam and other nefarious acts that can get your ISP to
pull your site down or put you on probation.
For bad language, it should be rather simple to just set up
a filter to drop such posts on the floor instead of sending
them. Or better yet, just tighten up your input validation so
they can't send such a mail. With PHP and .htaccess, you
would even ban them from ever entering your site, in fact.
Only a truly screwed up person might just come back under
another name, which you could add again, until they run out of
options.

I despise Captha with almost a passion sometimes because some
forms of it make it even harder on the visitor than it does on
the robots +ACY- hackers to try to use. IMO no code that's not
readily readable should ever be used.

Here's some reading for you on the subject if you wish to
peruse some sights. None of the sites below tried to probe or
do anything more malicious to me than drop a cookie or two on
me, so they should all be +ACI-safe+ACI- IMO, though I obviously can't
guarantee that. Google has a lot of good information but
beware+ADs- some other sites are completely black and
untrustworthy+ADs- do not leave a good e-mail address there if you
have to for any reason: Use a throw-away instead.

http://www.webformantispam.com/
Well worth reading even if the booklet is of no interest to
you.

https://www.ftccomplaintassistant.gov/

http://forums.whirlpool.net.au/forum...fm/865142.html

http://php.resourceindex.com/Complet...F8-Processing/

HTH,

Twayne+AGA-





--
--
Life is the only real counselor+ADs- wisdom unfiltered
through personal experience does not become a
part of the moral tissue.