We are seeing similar issues
So far Marketo is not giving us any options on how to prevent these leads to enter Marketo database
I welcome any solution that is robust for this issue.
Thanks a lot
As I mentioned in the other thread Spam Form Fills, you need to make sure that your reCAPTCHA verification step (the webhook call) fires before any other steps that would sync the lead with other systems. For example, Sync to SFDC must not run if the reCAPTCHA fails, and any other fields that indicate a lead is "safe to sync" should not be set.
Thanks for the reply. i am confused. I thought that SFDC sync with Marketo happens every 5 minutes. How do we prevent a sync in this case?
If a Marketo lead has never been synced before, then the 5 minute resync doesn't pertain to that lead.
It would be wonderful if there was a blacklist or safety valve further up the pipeline, so I could prevent all these from flowing in to Marketo (and then further up the pipe into our CRM, etc.)
It would also be wonderful if the spam IP submission thresholds were user-editable, so I could set some limits that are sane and appropriate for the size of our business.
usually just filtering out email domains that are entirely spam, like @qq.com.
One of China's largest email providers != entirely spam.
The reason you see a lot of forged @qq.com addresses is that it's easy to create valid, or simply valid-looking, addresses at that domain because legitimate mailboxes there are all numbers (while no well-formed email address at any domain can actually be known to be valid/invalid just at a glance, this is made even clearer w/QQ because email@example.com could be made-up and firstname.lastname@example.org could be real).
If you don't get legit leads from overseas, that's an even stronger reason to use reCAPTCHA.
Sanford Whiteman Fair point. Didn't mean to paint qq.com with too broad a brush - what I meant was, so far in our experience we have only received spam form submissions from that domain. As of this morning we've had thousands of them, all using the same data for other fields like First & Last Name.
We do get many legit leads from overseas, however, and are reluctant to implement reCAPTCHA (friction is friction!)
I don't mind dealing with an occasional burst of spam - I just wish I had a couple extra tools in my Marketo configuration toolbelt to filter/block them when it happens.
The idea of the invisible reCAPTCHA is that it's frictionless unless automated fingerprinting doesn't work.
As I responded on another thread, reCAPTCHA exists because no other technology works, and with major sites having adopted it, should be routine at this point.