The Spammer Have Won Again!

Discussion about the phpList community

The Spammer Have Won Again!

Postby thebitbotdotcom » 12:49am, Sat 01 Jan, 2011

Well, I finally had to discontinue use of PHPLIST...AGAIN! This make the third time!

Why? SPAM...BOT SIGNUPS...ONE AFTER ANOTHER...exceeding legitimate signups at a rate of ten to one.

They are obviously bots. All of them bounce. This is highly annoying.

This would easily be fixed by simple CAPTCHA integration into the form, but, UNFORTUNATELY, IN 2011, IT LOOKS LIKE PHPLIST STILL DOESN'T SUPPORT SIMPLE CAPTCHA...


Sure, I know that there are CAPTCHA hacks that can be installed, IF YOU ARE A PHP CODER!!!

I have tried them all, UNSUCCESSFULLY. I am not a coder nor am I a hacker. I am just an average Joe and each and every attempt I have made to integrate CAPTCHA has failed miserably.

Can somebody help? In 2011, can a CAPTCHA option be made standard for PHPLIST so as to bring it up to BARE AND ESSENTIAL MINIMAL bot spam prevention standards?

Am I the only one asking this? If PHPLIST can't prevent a simple bot signup by automatically integrating some form of CAPTCHA, what good is it? Do the developers even give a %%^&???

Posts: 8
Joined: 12:48pm, Sun 05 Sep, 2010

Re: The Spammer Have Won Again!

Postby H2B2 » 12:42am, Wed 05 Jan, 2011

I expect they do. However it appears that currently the development team is quite small and needs to make a living too. :wink:

Anyway this is an experimental config.php option the developers implemented some time ago, for which they requested feedback from users like yourself:
Spam block

Since version 2.10.4 you can use the experimental spam block setting to detect spam bots.

# add spamblock
# if you set this to 1, phplist will try to check if the subscribe attempt is a spambot trying to send
# nonsense. If you think this doesn't work, set this to 0
# this is currently only implemented on the subscribe pages

# notify spam
# when phplist detects a possible spam attack, it can send you a notification about it
# you can check for a while to see if the spam check was correct and if so, set this value
# to 0, if you think the check does it's job correctly.
# it will only send you emails if you have "Does the admin get copies of subscribe, update and unsubscribe messages"
# in the configuration set to true

If you used this setting and if it didn't reduce or stop spam bots, then I suggest you post your findings/feedback at

As an alternative, you could take a look at this mod: Spam Block Prevention mod - Bad Behaviour 2
Posts: 7188
Joined: 1:51am, Wed 15 Mar, 2006

Re: The Spammer Have Won Again!

Postby thebitbotdotcom » 12:17am, Mon 10 Jan, 2011

I have both of those enabled...Bad Behavior and the PHPList Anti-SPAM config.

It catches some, mainly the ones where the name and address are gibberish such as ""

But the ones that use actual words such as ""

get right through, one after another sending out confirmation emails left and right.

A simple two dollar CAPTCHA would fix this. That is why I am not surprised PHPList comes with one.

So, yes it works, just not well enough. Spammers VERY EASILY adapted.
Posts: 8
Joined: 12:48pm, Sun 05 Sep, 2010

Re: The Spammer Have Won Again!

Postby roomshambles » 4:29pm, Wed 19 Jan, 2011

putting a CAPTCHA will fix the problem dude... it doesn't cost much but it will definitely help...
phpList newbie
Posts: 1
Joined: 4:23pm, Wed 19 Jan, 2011

Re: The Spammer Have Won Again!

Postby blaine69 » 8:48pm, Fri 02 Sep, 2011

What file will I find the SUBMIT FORM?

If I accomplish adding Captcha... I will post how I did it here!!!

Thanks in advance.
phpList newbie
Posts: 4
Joined: 5:22am, Thu 17 Feb, 2011

Re: The Spammer Have Won Again!

Postby seahawk » 8:46pm, Tue 21 Jan, 2014

Were you ever able to do it?


Posts: 7
Joined: 2:44pm, Sun 28 Mar, 2010

Return to Community

Who is online

Users browsing this forum: No registered users and 1 guest