(I couldn't add this to the guestbook - it said something about naughty words?)

Some thoughts about guestbook spamming:

I wonder maybe you could simply put a hidden field with the time in it - and only accept comments with the time a minimum time ago, so say someone took at least 5 seconds or so to fill in the form properly? (and maybe a maximum time ago? So the spammer doesn't just keep using the same form over and over again...)

I wonder if the spammers even GET the comment page before POST ing their junk ... maybe make their task harder by changing the names of the form elements each time?

Anyway, keep up the good Python work.

Cheers,

Andy.
Andy | Homepage | 05/11/29 - 10:46 am | #

The guestbook *already* has the following anti-spam features :

* naughty word filter (blocks posts containing a list of user maintained keywords)
* The POST must be from the same IP as the GET, and within 15 minutes (which is what you suggested)
* Entries with more than two URLs are blocked

I think there may be a bug in code that checks the POST is from the same IP as the GET, when I add the DNS blacklist lookup, then I'll fix it.
Fuzzyman | Homepage | 05/11/29 - 12:30 pm | #