Page 1 of 1

The Spammer Have Won Again!

PostPosted: 12:49am, Sat 01 Jan, 2011
by thebitbotdotcom
Well, I finally had to discontinue use of PHPLIST...AGAIN! This make the third time!

Why? SPAM...BOT SIGNUPS...ONE AFTER ANOTHER...exceeding legitimate signups at a rate of ten to one.

They are obviously bots. All of them bounce. This is highly annoying.

This would easily be fixed by simple CAPTCHA integration into the form, but, UNFORTUNATELY, IN 2011, IT LOOKS LIKE PHPLIST STILL DOESN'T SUPPORT SIMPLE CAPTCHA...


Sure, I know that there are CAPTCHA hacks that can be installed, IF YOU ARE A PHP CODER!!!

I have tried them all, UNSUCCESSFULLY. I am not a coder nor am I a hacker. I am just an average Joe and each and every attempt I have made to integrate CAPTCHA has failed miserably.

Can somebody help? In 2011, can a CAPTCHA option be made standard for PHPLIST so as to bring it up to BARE AND ESSENTIAL MINIMAL bot spam prevention standards?

Am I the only one asking this? If PHPLIST can't prevent a simple bot signup by automatically integrating some form of CAPTCHA, what good is it? Do the developers even give a %%^&???


Re: The Spammer Have Won Again!

PostPosted: 12:42am, Wed 05 Jan, 2011
by H2B2
I expect they do. However it appears that currently the development team is quite small and needs to make a living too. :wink:

Anyway this is an experimental config.php option the developers implemented some time ago, for which they requested feedback from users like yourself:
Spam block

Since version 2.10.4 you can use the experimental spam block setting to detect spam bots.

# add spamblock
# if you set this to 1, phplist will try to check if the subscribe attempt is a spambot trying to send
# nonsense. If you think this doesn't work, set this to 0
# this is currently only implemented on the subscribe pages

# notify spam
# when phplist detects a possible spam attack, it can send you a notification about it
# you can check for a while to see if the spam check was correct and if so, set this value
# to 0, if you think the check does it's job correctly.
# it will only send you emails if you have "Does the admin get copies of subscribe, update and unsubscribe messages"
# in the configuration set to true

If you used this setting and if it didn't reduce or stop spam bots, then I suggest you post your findings/feedback at

As an alternative, you could take a look at this mod: Spam Block Prevention mod - Bad Behaviour 2

Re: The Spammer Have Won Again!

PostPosted: 12:17am, Mon 10 Jan, 2011
by thebitbotdotcom
I have both of those enabled...Bad Behavior and the PHPList Anti-SPAM config.

It catches some, mainly the ones where the name and address are gibberish such as ""

But the ones that use actual words such as ""

get right through, one after another sending out confirmation emails left and right.

A simple two dollar CAPTCHA would fix this. That is why I am not surprised PHPList comes with one.

So, yes it works, just not well enough. Spammers VERY EASILY adapted.

Re: The Spammer Have Won Again!

PostPosted: 4:29pm, Wed 19 Jan, 2011
by roomshambles
putting a CAPTCHA will fix the problem dude... it doesn't cost much but it will definitely help...

Re: The Spammer Have Won Again!

PostPosted: 8:48pm, Fri 02 Sep, 2011
by blaine69
What file will I find the SUBMIT FORM?

If I accomplish adding Captcha... I will post how I did it here!!!

Thanks in advance.

Re: The Spammer Have Won Again!

PostPosted: 8:46pm, Tue 21 Jan, 2014
by seahawk
Were you ever able to do it?