Simple Email Spam Filtering with Microsoft C# .NET and JQuery

When I first created the website for my business ABION LLC, I put my email address on the first page, and it was a disaster to put it mildly. I was bombarded with all kinds of spam messages every day and I eventually had to shut down the email account due to all the spam. Now I have several websites, all full feature Microsoft ASP.NET MVC Web Applications with Microsoft SQL Server databases.

But also to make it easier for people to contact me, what I did was create a contact page on my CV site. This contact page is written in C# and uses one of my outlook email address to forward the messages to my gmail email address. For about a year it worked very well with little or no spam, then in the past few months spammers discovered it and started sending me the crudest spam emails like "Women in your Town Available for Sex", and also "First Page on Google SEO", since I am not dating, I am not interested in the women, and also since my web applications are hosted in the Microsoft Azure Cloud, and also since my technology blog is hosted in the Google Cloud, I already have really good Google rankings. I am totally not interested in these emails. I doubt the services offered are in fact real. They could be attempts to deliver malware to our computers where a banking trojan like Zeus is installed on our computer secretly, then next time you login to your banks website, the banking trojan scoops up your password and the next day all your money is gone!!!

Definitely bad news these spam emails, so I took a look at my Contact form software and realized it would be really easy to block the sex dating and google ranking emails actually. Much simpler than I thought it would be at first.

Here in this code block from the Contact view in my MVC web application, the C# software checks to see if the Model state is correct before sending the contact message as an email. My CV web application at michaelgworkman.com was built using the Microsoft Visual Studio Development Environment. Note that there is a variable called "WebMessage" that holds the text of the message being sent.

// Contact POST
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult Contact([Bind(Include = "ContactName, ContactEmail, ContactPhone, ContactCategories_ID, WebMessage")] EmailContact emailContact)
{
	ViewBag.Message = "Michael G. Workman Contact";

 	try
 	{
		// update database with contact information
 		if (ModelState.IsValid)
		{
			db.EmailContacts.Add(emailContact);
			db.SaveChanges();

 			// create Gmailer object and initialize data
			OutlookMailer mailer = new OutlookMailer();
			mailer.ToEmail = "michael.g.workman@gmail.com";
			mailer.FromEmail = emailContact.ContactEmail;
 			mailer.FromName = emailContact.ContactName;

			// get the email category and set the email Body
 			string emailCategory = db.ContactCategories.Where(x => x.ID == emailContact.ContactCategories_ID).SingleOrDefault().category;
			mailer.Subject = "Michael G. Workman Career Inquiry - Category: " + emailCategory;
 			mailer.Body = "From Name: " + emailContact.ContactName +
			" From Email: " + emailContact.ContactEmail +
			" Phone: " + emailContact.ContactPhone +
			"<br>" + emailContact.WebMessage;

			// send email
 			mailer.Send();

			return View("ContactConfirmation");
		}
		else
 		{
			ViewBag.ErrorMessage = "Contact View, Model State Not Valid, Email Not Sent.";
			return View("~/Views/Shared/Error.cshtml");
		}
 	}
	catch (Exception ex)
	{
		ViewBag.ErrorMessage = "Error Encountered: " + ex.Message + " Inner Exception: " + ex.InnerException;
 		return View("~/Views/Shared/Error.cshtml");
	}
}
    

So, OK, we really do not want the sex emails, and also we do not want the Google SEO emails, so what do we do? One thing I thought about doing was each time I received an email, creating a list of the source email addresses and blocking those emails in the C# code. But that actually seemed like it would be alot of work. What actually would be more simple is to just check the "WebMessage" variable for certain keywords like "Sex", "Adult", "Dating", "Google", "Girls", "SEO", and each time one of these keywords is found in the WebMessage, DO NOT SEND THAT EMAIL. This was not a hard change to make at all, and this is what the C# code looks like after the changes.

if ((emailContact.WebMessage.ToUpper().Contains("ADULT") 
&& (emailContact.WebMessage.ToUpper().Contains("SEX")))
|| (emailContact.WebMessage.ToUpper().Contains("ADULT") 
&& (emailContact.WebMessage.ToUpper().Contains("DATE")))
|| (emailContact.WebMessage.ToUpper().Contains("ADULT") 
&& (emailContact.WebMessage.ToUpper().Contains("DATING")))
|| (emailContact.WebMessage.ToUpper().Contains("ADULT") 
&& (emailContact.WebMessage.ToUpper().Contains("HOT")))
|| (emailContact.WebMessage.ToUpper().Contains("GIRL") 
&& (emailContact.WebMessage.ToUpper().Contains("SEX")))
|| (emailContact.WebMessage.ToUpper().Contains("GIRL") 
&& (emailContact.WebMessage.ToUpper().Contains("DATE")))
|| (emailContact.WebMessage.ToUpper().Contains("GIRL") 
&& (emailContact.WebMessage.ToUpper().Contains("DATING")))
|| (emailContact.WebMessage.ToUpper().Contains("GIRL") 
&& (emailContact.WebMessage.ToUpper().Contains("HOT")))
|| (emailContact.WebMessage.ToUpper().Contains("WEB")
&& (emailContact.WebMessage.ToUpper().Contains("AD")))
|| (emailContact.WebMessage.ToUpper().Contains("WEB")
&& (emailContact.WebMessage.ToUpper().Contains("ADVERTISEMENT")))
|| (emailContact.WebMessage.ToUpper().Contains("OAKLEY") 
&& (emailContact.WebMessage.ToUpper().Contains("RAY BAN")))
)
{
	// make error message
	ViewBag.ErrorMessage = "Invalid Message Content, Message Not Sent";

	// show error message
	return View("~/Views/Shared/Error.cshtml");
}
else
{
	// send email code here
}		

However, this C# code only works on the server, all web applications also have a client side, which is usually HTML and Javascript. In the case of my CV site at michaelgworkman.com, I also use JQuery for the form validation. So, to be thorough with our Spam Filtering, we should also have filtering on the client side in the JQuery code. This also is not a difficult change, we do the same checks of the WebMessage as in the C# code, but this time in the JQuery code. When one of the keywords is found, we display a message of INVALID CONTENT and do not submit the form:

// Web Message
if (webMessage.val().trim() == "") {
	formValidated = false;
	webMessage.after("<span class='error' style='color:red;'>Message Required</span=><br/>");
}
else if (((webMessage.val().toUpperCase().indexOf("ADULT") >= 0)
	&& (webMessage.val().toUpperCase().indexOf("SEX") >= 0))
	|| ((webMessage.val().toUpperCase().indexOf("ADULT") >= 0)
	&& (webMessage.val().toUpperCase().indexOf("DATE") >= 0))
	|| ((webMessage.val().toUpperCase().indexOf("ADULT") >= 0)
 	&& (webMessage.val().toUpperCase().indexOf("DATING") >= 0))
	|| ((webMessage.val().toUpperCase().indexOf("ADULT") >= 0)
	&& (webMessage.val().toUpperCase().indexOf("HOT") >= 0))
	|| ((webMessage.val().toUpperCase().indexOf("GIRL") >= 0)
	&& (webMessage.val().toUpperCase().indexOf("SEX") >= 0))
	|| ((webMessage.val().toUpperCase().indexOf("GIRL") >= 0)
	&& (webMessage.val().toUpperCase().indexOf("DATE") >= 0))
	|| ((webMessage.val().toUpperCase().indexOf("GIRL") >= 0)
	&& (webMessage.val().toUpperCase().indexOf("DATING") >= 0))
	|| ((webMessage.val().toUpperCase().indexOf("GIRL") >= 0)
	&& (webMessage.val().toUpperCase().indexOf("HOT") >= 0))
	|| ((webMessage.val().toUpperCase().indexOf("WEB") >= 0)
	&& (webMessage.val().toUpperCase().indexOf("AD") >= 0))
	|| ((webMessage.val().toUpperCase().indexOf("WEB") >= 0)
	&& (webMessage.val().toUpperCase().indexOf("ADVERTISEMENT") >= 0))
	|| ((webMessage.val().toUpperCase().indexOf("OAKLEY") >= 0)
	&& (webMessage.val().toUpperCase().indexOf("RAY BAN") >= 0))
{
	formValidated = false;
	webMessage.after("<span class='error' style='color:red;'>Invalid Content</span><br/>");
}

Of course, you can add as many keywords as you want to block spam emails, instead of just the limited selection here.

So to show this in action, this is what the spammers will see when trying to submit a sex message with the keywords "Hot Girls", they will get an "invalid content" message in red text like the following:

And also in this next example, they will get the same message when trying to submit a message of ADULT DATING:

Now with the simple code changes we have made, it should filter out the majority of the SEX and SEO emails. When the website used gets the INVALID CONTENT message, their message is not forwarded as an email, but is blocked. However, legitimate messages like the following are not blocked and still get sent out:

And then, since this message is not blocked, this is the email that gets sent to my main gmail email address, forwarded from my outlook email address, which the CV web application uses to send emails:

These changes will be very effective at blocking the spam emails being sent by the contact form at my CV web application at michaelgworkman.com. If we wanted to, we could also do filtering of code words in the email, name, and phone fields.

To see the entire source code for the CVitae Microsoft C# .NET MVC Web Application, visit this link on the Microsoft Azure DevOps website: CVitae Web Application

This example C# .NET program was created in Microsoft Visual Studio IDE running on Windows 10. Microsoft Visual Studio Community Edition is a free download, while the Professional and Enterprise versions can be purchased.

To see my Curriculum Vitae, go to Michael G Workman CV

To see my projects on Microsoft Azure Devops, go to https://dev.azure.com/AbionTechnology/

To see my Posts and Answers on Stack Overflow, go to Michael G. Workman on Stack Overflow

 If you have any questions about CC++Microsoft C# .NET,  Microsoft Azure Cloud, Unix, Linux, and/or Mobile Apps, please feel free to contact me by email at:

michael.g.workman@outlook.com

Popular Posts