General Question: Contact Form Spam + SMTP

  • Hi,

    We are getting SPAM links submitted from our website contact forms. We use Gravity Forms.

    We also use Postman SMTP.

    Our IT department has suggested NOT using GMAIL for our SMTP(?) From address and use one of our own. This is in an effort to better track SPAM, according to them.

    The problem is, I do not understand why using our own email address would make a difference.

    I also don’t know how to set up an email plugin NOT using gmail.

    Can someone sort of help me understand why I may want to use our own email for SMTP as opposed to gmail – which seems to be the defacto choice?

    Thanks! Could really use the understanding.

Viewing 6 replies - 1 through 6 (of 6 total)

  • Your IT department ( in my humble opinion, but I do know a bit about spam ) are heading down the wrong rabbit hole.

    Switching email providers is a bit like bolting the stable door after the horse has bolted.

    The contact form spam is happening at the contact form, there after it is just an email transport through email server, which may or may not block spam downstream.

    The problem is you have to ‘trust’ your own website, so blocking it is not feasible.

    What you need to do is to stop spam at the Gravity Forms point.

    There are plugins that do that. ( Including one I developed, I won’t provide the link as that might be considered spam )

    Thread Starter tom1899

    (@tom1899)

    Thanks Alan,

    The problem with the email spam is that we are getting URLS within the message. And no matter how much you try to educate employees – someone os going to click something.

    It seems as though a simple “Do not alLow URLS in the message” Button – would be a great addition to any contact forms product (Gravity, CF7, WPForms, etc)

    But I guess it is more involved than that.

    Does your plugin help in that regard? ( I will go read up on it also)

    With a bit of coding it is not difficult with gravity forms to filter the content to remove live links.

    Its not a bad idea, I might add that concept as option too!

    Thread Starter tom1899

    (@tom1899)

    Alan,

    I found this code that someone posted on another site. They put it in the functions.php page – but I am not sure where to put it on that page.

    1 – Does this code look good?
    2 – Can you let me know where to put it? Does it just go at the bottom of the page?

    // add custom validation to form
add_filter( 'gform_field_validation_74_7', 'validate_phone_74_7', 10, 4 );
function validate_phone_74_7( $result, $value, $form, $field ) {
    $nourl_pattern = '(http|https)';
    if ( preg_match( $nourl_pattern, $value ) ) {
    $result['is_valid'] = false;
    $result['message']  = 'Message can not contain website addresses.';
}
return $result;
}

    thanks.

    Yes you can add it to the end of functions.php

    As gravity forms is a premium product it is not meant to be supported on these forums. I’d happily help but I think the moderators would jump in.

    I suggest you go to the Gravity Forms forum https://community.gravityforms.com/

    Thread Starter tom1899

    (@tom1899)

    I will reach out to Gravity Forms. I would rather it send after stripping out the URL. Not telling the user that they need to remove the URL. That seems like that might escalate the problem in a % of cases.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘General Question: Contact Form Spam + SMTP’ is closed to new replies.

Tags