A spambot is an automated computer program designed to assist in the sending of spam.
Email spambots collect e-mail
addresses from the Internet
in order to build mailing lists for sending unsolicited e-mail, also known as spam
. Such spambots are web crawlers
that can gather e-mail addresses from Web sites, newsgroups, special-interest group (SIG) postings, and chat-room conversations. Because e-mail addresses have a distinctive format, spambots are easy to write. A number of legislators in the U.S. are reported to be devising laws that would outlaw the spambot.
A number of programs and approaches have been devised to foil spambots. One such technique is known as address munging, in which an e-mail address is deliberately modified so that a human reader (and/or human-controlled Web browser) can decode it but simple spambots cannot. This has led to the evolution of sophisticated spambots that can recover e-mail addresses from character strings that appear to be munged, or rendering the text into a web browser and then scraping the rendered text for email addresses. Alternative transparent techniques include displaying all or part of the e-mail address on a webpage as an image, a text logo shrunken to normal size using inline CSS, or as text with the order of characters jumbled and restoring the order using CSS, where users are then able to see the address. Although these methods combat spambots, some are not compatible with web page accessibility standards.
The term spambot is sometimes used in reference to a program designed to prevent spam
from reaching the subscribers of an Internet service provider
(ISP). Such programs are more often called e-mail blockers or filters
. Occasionally, such a blocker may inadvertently prevent a legitimate e-mail message from reaching a subscriber. This can be prevented by allowing each subscriber to generate a whitelist
, or a list of specific e-mail addresses the blocker should let pass.
Forum spambots surf the web, looking for guestbooks
and any other web forms
to submit spam links to the web forms it finds. These spambots often use OCR
technology to bypass CAPTCHAs
present. Some spam messages are targeted towards readers and can involve techniques of target marketing
or even phishing
, making it hard to tell real posts from the bot generated ones. Not all of the spam posts are meant for the readers; some spam messages are simply hyperlinks
intended to boost search engine ranking
This category of spambots has gained considerable notoriety since November 2006, with the introduction of XRumer, a forum and wiki spambot which can often bypass many of the safeguards administrators use to reduce the amount of spam posted.
The easiest way to prevent spambots from posting on forums, wiki, guestbook, etc. is to enable email activation by installing a mail server on the host (eg: Sendmail, Postfix, Exim.), since most spambot scripts use fake or randomly generated names on real email providers, the emails will mostly never be successfully routed to them.