Skip to content

Spam Protection Basics

Overview

Your time is limited, so we want to make sure the only submission data that hits your inbox is sent by humans, not bots. Basin offers a comprehensive suite of spam filtering options you can add to your forms to ensure only legitimate submissions reach your inbox.

Why Spam Protection Matters

Spam filtering is one of the most challenging aspects of operating a form service. Everyone has different tolerance levels for spam they're willing to sort through or expect to be filtered automatically. We implement robust spam filtering to protect our email sending reputation, which enables us to deliver your form submissions to your inbox instead of your spam folder.

Types of Spam Protection

Basin provides two main categories of spam protection:

1. Automated Backend Filters

These are configured in your form's settings and work automatically:

  • AI-Powered Content Analysis - Using Spamcheck.ai for intelligent spam detection
  • Cloudflare WAF Protection - First line of defense against dark web and known bots
  • Duplicate Detection - Automatically flags identical submissions
  • Email Validation - Ensures email addresses are real and deliverable
  • Geographic Filtering - Block or allow submissions from specific countries/regions
  • Language Detection - Filter submissions based on detected language

2. Form-Level Protection

These require implementation in your HTML form:

  • CAPTCHA Solutions - Human verification (reCAPTCHA, hCAPTCHA, Turnstile)
  • Honeypot Fields - Hidden fields that trap bots
  • Domain Restrictions - Only accept submissions from specific domains/sites

Layered Approach Strategy

Basin supports multiple CAPTCHA solutions like Cloudflare Turnstile, Google reCAPTCHA v2 and v3, and hCAPTCHA. However, since these all serve the same fundamental purpose of distinguishing between human and automated traffic, only one CAPTCHA solution should be implemented at a time.

In contrast, Basin's other spam filtering options address different aspects of spam prevention and can be effectively combined with any chosen CAPTCHA solution, providing a comprehensive and layered approach to securing your forms.

SpamCheck Versions

Basin uses two versions of SpamCheck for content analysis:

  • Version 1: Basic spam detection (legacy)
  • Version 2: Enhanced features including Invalid Email Filter, Burner Email Filter, and Risky URL Whitelist

New forms automatically use Version 2, but Version 1 remains available for existing users.

Managing False Positives

There will always be some percentage of false positives with any spam filtering system. We recommend these techniques to ensure you review all potential false positives:

  • Configure Webhooks - Can trigger regardless of spam status
  • Regular Spam Folder Reviews - Check your spam folder frequently
  • Enable Spam Summary Emails - Get notified about flagged submissions

Important

Basin retains spam for 30 days before permanent deletion. Review your spam folder regularly to avoid losing legitimate submissions.

Getting Started

  1. Choose Your CAPTCHA Solution: Select one of the three supported options based on your needs
  2. Configure Backend Filters: Enable appropriate filters in your form settings
  3. Implement Form Protection: Add honeypot fields and configure domain restrictions
  4. Monitor and Adjust: Regularly review spam folders and adjust settings as needed

The following sections will guide you through implementing each type of protection for optimal results.