Comments on: Stopping Web to Lead Spam http://sfdc.arrowpointe.com/2007/01/31/stopping-web-to-lead-spam-poor-mans-way/ Authored by Scott Hemmeter of Arrowpointe Corp, this blog is written from the perspective of a Salesforce.com solution provider and contains information on Arrowpointe's AppExchange products as well as tips, findings, sample code, functionality wishes, etc. Wed, 20 Aug 2008 18:17:02 +0000 http://wordpress.org/?v=2.6 By:   Salesforce spam: fixing web-to-lead by tins ::: Rick Klau’s weblog http://sfdc.arrowpointe.com/2007/01/31/stopping-web-to-lead-spam-poor-mans-way/#comment-35871   Salesforce spam: fixing web-to-lead by tins ::: Rick Klau’s weblog Tue, 04 Sep 2007 13:01:38 +0000 http://sfdc.arrowpointe.com/2007/01/31/stopping-web-to-lead-spam-poor-mans-way/#comment-35871 [...] at Arrowpointe for their suggestions over at Perspectives on Salesforce blog. Two weeks ago, they documented their approach, which is conceptually what we’ve [...] [...] at Arrowpointe for their suggestions over at Perspectives on Salesforce blog. Two weeks ago, they documented their approach, which is conceptually what we’ve [...]

]]> By: Marco Casalaina http://sfdc.arrowpointe.com/2007/01/31/stopping-web-to-lead-spam-poor-mans-way/#comment-17998 Marco Casalaina Wed, 02 May 2007 23:45:35 +0000 http://sfdc.arrowpointe.com/2007/01/31/stopping-web-to-lead-spam-poor-mans-way/#comment-17998 Here's an additional idea: Assuming these spammers are not submitting via your form really, but just capturing your orgId and submitting forms directly to SFDC, you can add a custom field to Lead (or Case in Web To Case) -- let's call the field NoSpam. Then add the NoSpam field to your Web To X page as a hidden input field. Add an OnClick to the submit button which triggers some Javascript that fills that field with a set value (like "nospam") (but come up with something else at random so spammers don't just figure it out). Then you can easily detect if a human actually clicked the Submit button -- only humans will have the expected value in the NoSpam field! So your validation rule would just be: AND (ISPICKVAL ( Origin , "Web") , NoSpam__c"nospam") This won't defeat the most dedicated spammers who actually automate clicks on your forms, but it will work against spambots that just blindly submit form data without respect to form contents and Javascript. You could use this in concert with the validation rule described above to get a decent decrease in overall spam volume. Here’s an additional idea:

Assuming these spammers are not submitting via your form really, but just capturing your orgId and submitting forms directly to SFDC, you can add a custom field to Lead (or Case in Web To Case) — let’s call the field NoSpam. Then add the NoSpam field to your Web To X page as a hidden input field. Add an OnClick to the submit button which triggers some Javascript that fills that field with a set value (like “nospam”) (but come up with something else at random so spammers don’t just figure it out). Then you can easily detect if a human actually clicked the Submit button — only humans will have the expected value in the NoSpam field! So your validation rule would just be:

AND (ISPICKVAL ( Origin , “Web”) , NoSpam__c”nospam”)

This won’t defeat the most dedicated spammers who actually automate clicks on your forms, but it will work against spambots that just blindly submit form data without respect to form contents and Javascript. You could use this in concert with the validation rule described above to get a decent decrease in overall spam volume.

]]> By: Scott Hemmeter http://sfdc.arrowpointe.com/2007/01/31/stopping-web-to-lead-spam-poor-mans-way/#comment-8832 Scott Hemmeter Tue, 20 Feb 2007 19:43:33 +0000 http://sfdc.arrowpointe.com/2007/01/31/stopping-web-to-lead-spam-poor-mans-way/#comment-8832 JRoe: I forgot to put < code > tags around the code in the blog post. Without it, Wordpress rendered the double-quote characters as a more readable double-quote character. When you copied it into Salesforce, it saw an error because the double-quote characters were invalid. Try copying it again. It should work. JRoe:
I forgot to put < code > tags around the code in the blog post. Without it, Wordpress rendered the double-quote characters as a more readable double-quote character. When you copied it into Salesforce, it saw an error because the double-quote characters were invalid.

Try copying it again. It should work.

]]> By: JRoe http://sfdc.arrowpointe.com/2007/01/31/stopping-web-to-lead-spam-poor-mans-way/#comment-8829 JRoe Tue, 20 Feb 2007 19:09:13 +0000 http://sfdc.arrowpointe.com/2007/01/31/stopping-web-to-lead-spam-poor-mans-way/#comment-8829 This is a great idea. This type of spam nearly shut down one site on which I had salesforce deployed. I entered your validation script and for some reason I keep getting a syntax error in the first 2 lines. Any thoughts as to why? This is a great idea. This type of spam nearly shut down one site on which I had salesforce deployed.

I entered your validation script and for some reason I keep getting a syntax error in the first 2 lines. Any thoughts as to why?

]]>