Simple security verification for input form ?

I want to add functionality to a band web site where people can enter their email address to sign up for the mailing list. It seems obvious that I need to protect against a bot however unlikely that may seem. Some sort of bot could continually add email addresses to the mailing list until my SQL database has millions of unwanted records otherwise I suppose.

The typical solution to this seems to be where you are shown a picture of letters to a word and you have to enter the word in a form. Is there a Rails module for this out there that I can use ?

It occured to me I could also invent some sort of simpler security system where I do something like print a conextual question such as:

who is the president of the USA ?

here are 4 words, cat, dog, run, frog. Which one is a verb and which of the others is not a mamal ?

However, I may need some way of randomly generating numerous questions and I suppose if this was a good approach there would be more of these out here, whereas the letters as images seems more common.

1) Captcha Plugin (with images):

2) Brain Buster (a logic Captcha with Questions)        Home

Have fun.

Do you think these kind of bots are very common ? I was thinking of setting up something like a max record field for know as an easy solution until I have time to install one of these Captcha modules which looks like a bit of work. Basicaly I would just have a field in my top level record set to 500, 1000 or something and if that many mailing list records where ever created, it would not allow any more to be created. Then I would have to go in and delete whatever ones where there. I'm not sure if this would ever really happen or not with a bot ? At the moment I am not set up for search engines as my site is still under construction.

I can'T really say how common such bots would be. Bosts mostly spam comments etc. with spam, i dont see a real use for a spammer to make his bots flood a newsletter input field.... he won't get anything out of it.

However, implementing the Captcha plugin is not a big deal, you only need to habe ImageMagick and the RMagick gem installed, and basically add a few helpers to the view, and a vlaidates_as_captcha Validation to the Model ...

Just take a look, it should not be too hard. But if you think deleting spam manually (which is not that big of a threat for a newasletter system) will work for you, go for that. you can implement Captcha anytime later....

I thought of any easy puzzle which should be minimal coding:

2 frogs + 3 cats + 7 frogs = how many frogs ?

the most complex you could get, which I think is still pretty easy could be:

3 slimy frogs + 2 yellow frogs + 3 yellow cats = how many slimy frogs ?

or how many yellow things ?


This is exactly what BrainBuster does - its a logic captcha. I wrote it. More details here:

- rob