Preventing Bot Spam From Damaging Your Sender Reputation

bot spam

What is Bot Spam?

“Bot spam” or “web crawler spam”, as it is commonly referred to, is usually the result of website form fields that are not properly secured to prevent the transmission of spam messages. Typically, the bots that cause this issue are programmed to search the internet for website form fields and insert spam messages into them. These form fields are most commonly found on a “Contact Us” page. The spam messages generated are directed to the email address or addresses set up to receive messages from website forms. Bot spam messages are easy to identify, as they are commonly composed of meaningless strings of words with advertisements placed somewhere in the message content.

How Does it Affect Me?

Bot spam can quickly damage your reputation as an email sender. Typically, when someone fills out a website form on a company website, the email that is generated has a from address with the company’s domain. For example, if a customer fills out a website form on the “Contact Us” page at “examplecompany.com”, the email generated with the website form content would have a from address of “[email protected]” and a to address of “[email protected]”. Because of this, the spam message appears to originate from the company domain and negatively affects its sender reputation, which could result in email deliverability issues. Sending spam to your own domain can still be harmful; major providers do not necessarily identify who you are sending to, only that you are sending messages with spam content. If the provider identifies spam messages, your reputation would be harmed and you would have difficulties sending to any other organization or address that uses the same provider for inbound mail.  As a SocketLabs On-Demand customer, each bot spam message that processes through your server is counted toward your monthly allotment. If left uncontrolled, bot spam messages can quickly add up, causing many unnecessary and malicious emails to be processed through your server.

How Can I Prevent Bot Spam?

There are a few ways to thwart bot spammers, the most popular being implementing a captcha in your web form.  This is probably the most effective method stopping bots from automatically filling out your form.  If you are unable to create a captcha, there are a few other methods:

Hidden Form Fields

Hidden form fields are invisible to humans, but a bot filling out your form will detect these fields and submit information to them.  You can configure your web page to automatically ignore submissions for which these fields are filled.

Time Difference Tracking

Another aspect that sets bots apart from humans is that they are much faster, populating the form with data and submitting it within a second or two.  By tracking the time between the request of the page and the submission of the form, you can easily sort out bots from humans. The one drawback to this method is that it requires some tweaking of the time threshold required to accept a submission.

Scanning the Message

It is always possible to scan the message with a spam-scanning protocol such as Apache’s SpamAssassin.  Spam filtering systems are extremely effective at eliminating spam, but keep in mind that they are liable to filter out small amounts of legitimate mail.

These are all effective methods, but in the end it really depends on your business’s specific needs.  If you need additional help with bot spam, you can always contact us at [email protected].