2

On a daily basis I receive huge amounts of spam via a contact form. The content of these spam emails is very similar like this example:

Ïîñëåäíèè íîâîñòè àðìåíèè ÷èòàéòå íà ñàéòå somedomainname.com

For this specific kind of spam I would like to add PHP detection of 3 consecutive special characters because it would never occur in a legitimate email (at least it hasn't in the last 10 years). What would be a smart way to accomplish this?

edit: I'm not sure how I should classify these characters. They all have some kind of accent as shown in the example.

Shotputty
  • 31
  • 4
  • How much is this _huge amount of spam_? – Spoody Jul 31 '18 at 08:48
  • There is no such thing as a "special character" in this context. You seem to be trying to render utf-8 as Latin-1. – Dragonthoughts Jul 31 '18 at 08:51
  • 2
    How about using a captcha? – simon Jul 31 '18 at 08:53
  • @simon reason I asked that question xD – Spoody Jul 31 '18 at 08:54
  • 1
    How do you know it would never occur in a legitimate email? What if the sender happened to be writing to you in Korean, or just happens to like emoji? You're probably better off using some alternate such as IP blocking or similar. – GordonM Jul 31 '18 at 08:58
  • This appears to be an [XY-Problem](https://meta.stackexchange.com/questions/66377/what-is-the-xy-problem). Rather ask in how to fight spam mail in a more suitable way. – k0pernikus Jul 31 '18 at 09:20
  • I get about 15~20 of these daily, but filtering them from the legitimate mail is a hassle because they use a normal from-name. – Shotputty Jul 31 '18 at 10:25

2 Answers2

1

based on this other question : how to check for special characters php

you can use regular expression on the content of your mail :

if (preg_match('/([Ïîñëåäíèè]){3}/', $contentOfMail))
{
    // $contentOfMail contains at least one set of 3 specials characters back to back
}

I let you fill all the characters you need to match in the regex

MathRak
  • 46
  • 4
0

To check for the presence of one or more letters, you can use the native function of PHP strpos as the example below. Otherwise you can also use regular expressions but for the basic verification and for a performance issue, it is advisable to use the native PHP functions.

 $mystring = $_POST['message'];
    $findme   = 'Ïîñëåäíèè';

        $pos = strpos($mystring, $findme);

        // Note our use of ===.  Simply == would not work as expected
       // because the position of 'a' was the 0th (first) character.
if ($pos === false) {
    echo "The string '$findme' was not found in the string '$mystring'";
} else {
    echo "The string '$findme' was found in the string '$mystring'";
    echo " and exists at position $pos";
}
Barry
  • 3,303
  • 7
  • 23
  • 42
Yona Smilevitch
  • 161
  • 9