Advanced Spam Protection Features
Basin offers a comprehensive suite of advanced spam protection features that work alongside or independently of CAPTCHA solutions. These powerful filters provide layered protection against automated abuse and spam submissions.
Overview
Basin's advanced spam protection features fall into two categories:
Automatic Backend Filters
These filters are configured in your Basin dashboard and work automatically when enabled: - AI-Powered Content Analysis (SpamCheck.ai), always enabled - Duplicate Detection - Email Validation and Filtering - Geographic and Location-Based Filtering - Language Detection - Domain Restrictions - Lead Agent Scoring
Form-Level Protection
These require implementation in your HTML form: - Honeypot Fields - Custom Field Validation
AI-Powered Spam Detection
SpamCheck.ai Integration
Basin uses SpamCheck.ai for intelligent spam detection. This machine learning system continuously evolves to better identify spam content.
Features: - Real-time content analysis - Pattern recognition - Adaptive learning - Low false positive rates
SpamCheck Version Migration
Basin offers two versions of SpamCheck:
- Version 1: Basic spam detection (legacy support)
- Version 2: Enhanced features with additional filters
New forms automatically use Version 2, which includes exclusive features like Invalid Email Filter, Burner Email Filter, and Risky URL Whitelist.
Migration Benefits: - Improved accuracy - Additional filtering options - Better false positive handling - Enhanced reporting
Honeypot Fields
Honeypot fields are hidden form elements that trap bots while remaining invisible to human users.
Basic Honeypot Setup
Add a hidden field to your form that bots will fill out but humans won't see:
<form accept-charset="UTF-8" action="https://usebasin.com/f/YOUR_FORM_ID" method="POST">
<input type="text" name="name" placeholder="Your Name" required>
<input type="email" name="email" placeholder="Your Email" required>
<textarea name="message" placeholder="Your Message" required></textarea>
<!-- Honeypot field - hidden from users -->
<input type="hidden" name="_gotcha">
<button type="submit">Submit</button>
</form>
Custom Honeypot Fields
You can specify a custom honeypot field name in your form settings:
- Go to Form → Settings → Spam
- Set your custom honeypot field name
- Use that field name in your form
<form accept-charset="UTF-8" action="https://usebasin.com/f/YOUR_FORM_ID" method="POST">
<!-- Your form fields -->
<input type="hidden" name="your_custom_honeypot_name">
<button type="submit">Submit</button>
</form>
Advanced Honeypot Techniques
Visible Honeypot (for advanced users):
<div style="position: absolute; left: -5000px;">
<input type="text" name="website" placeholder="Leave this field empty">
</div>
CSS-Hidden Honeypot:
Duplicate Detection
The duplicate filter automatically identifies and blocks identical submissions.
How It Works
Basin compares incoming submissions against existing submissions in both your inbox and spam folder. If an exact match is found, the duplicate is automatically marked as spam.
Configuration
- Navigate to Form → Settings → Spam
- Toggle Duplicate Filter on/off
- Save settings
Use Cases: - Preventing form resubmission - Blocking automated repeat submissions - Reducing inbox clutter
Email Validation and Filtering
Valid Email Filter
SpamCheck Version 2 Only
The Valid Email Filter requires SpamCheck Version 2.
This filter ensures submitted email addresses are legitimate and deliverable.
Validation Criteria:
1. Format Check: Must match standard email format (user@domain.tld
)
2. Deliverability Check: Must point to an active mailbox
Setup Requirements: Your form must include a properly named email field:
Configuration: 1. Go to Form → Settings → Spam 2. Enable Valid Email Filter 3. Save settings
Burner Email Filter
SpamCheck Version 2 Only
The Burner Email Filter requires SpamCheck Version 2.
Automatically detects and blocks temporary/disposable email addresses commonly used by spammers.
Blocked Email Types: - Temporary email services - Disposable email addresses - Known spam email domains - Throwaway email providers
Configuration: 1. Go to Form → Settings → Spam 2. Enable Burner Email Filter 3. Save settings
Blocked Email Domains
Manually specify email domains to block from form submissions.
Setup: 1. Navigate to Form → Settings → Spam 2. Add domains to Blocked Email Domains 3. Press Enter after each domain 4. Save settings
Example:
If you block example.com
, any submissions from user@example.com
will be marked as spam.
Geographic and Location Filtering
Country-Based Filtering
Control which countries can submit to your forms using IP geolocation.
Whitelist Mode: - Only allow submissions from specified countries - All other countries are blocked
Blacklist Mode: - Block submissions from specified countries - All other countries are allowed
Configuration: 1. Go to Form → Settings → Spam 2. Choose Whitelist or Blacklist mode 3. Add countries to your list 4. Save settings
Important
Use either whitelist OR blacklist, not both simultaneously.
Radius-Based Location Filter
Premium Feature
Available on Premium plans and above.
Create a geographic radius around a specific location to filter submissions.
How It Works: 1. Select a point on the map 2. Set a radius distance 3. Only submissions within the radius are allowed 4. Submissions outside the radius are marked as spam
Use Cases: - Local business forms - Regional event registrations - Location-specific services - Geographic compliance requirements
Configuration: 1. Navigate to Form → Settings → Spam 2. Enable Radius-based location filter 3. Set your location and radius 4. Save settings
Language Detection Filter
Automatically detect and filter submissions based on their primary language.
How It Works
Basin analyzes the text content of submissions to determine the primary language used.
Filter Options
Whitelist (Accepted Languages): - Only allow submissions in specified languages - Block all other languages
Blacklist (Blocked Languages): - Block submissions in specified languages - Allow all other languages
Dual Mode: Unlike country filtering, both whitelist and blacklist can be used simultaneously.
Configuration: 1. Go to Form → Settings → Spam 2. Configure Accepted Languages (whitelist) 3. Configure Blocked Languages (blacklist) 4. Save settings
Domain Restrictions
Limit form submissions to specific domains, providing an additional layer of security.
How It Works
Basin checks the Origin
header of submissions to verify they originate from allowed domains. This includes all subdomains of specified domains.
Configuration
- Navigate to Form → Settings → Spam
- Add domains to Allowed Domains
- Press Enter after each domain
- Save settings
JavaScript Framework Considerations
Set Origin Header Manually
When using AJAX or JavaScript frameworks, the Origin header may be omitted. Set it manually:
fetch('https://usebasin.com/f/YOUR_FORM_ID', {
method: 'POST',
body: formData,
headers: {
'Origin': 'https://yourdomain.com'
}
});
Referrer Policy Requirements
Check Referrer Policy
Ensure your site's Referrer Policy sends origin information to Basin. The default strict-origin-when-cross-origin
policy is compatible.
Advanced Content Filtering
Risky URL Whitelist
SpamCheck Version 2 Only
Available with SpamCheck Version 2.
Basin's AI identifies submissions containing "risky URLs." You can whitelist legitimate URLs that are incorrectly flagged.
Configuration: 1. Go to Form → Settings → Spam 2. Add URLs to Allowed Risky URLs 3. Save settings
Note: This only affects submissions marked as spam specifically for containing risky URLs.
Lead Agent Spam Threshold
Set a threshold score that automatically marks submissions as spam based on lead quality analysis.
How It Works: - Submissions receive a lead agent score - Submissions below your threshold are marked as spam - Other spam filters still apply - Unscored submissions are not affected
Configuration: 1. Navigate to Form → Settings → Spam 2. Set Lead Agent Spam Threshold 3. Save settings
Combining Protection Methods
Layered Defense Strategy
For optimal protection, combine multiple methods:
<form accept-charset="UTF-8" action="https://usebasin.com/f/YOUR_FORM_ID" method="POST">
<!-- Regular form fields -->
<input type="text" name="name" required>
<input type="email" name="email" required>
<textarea name="message" required></textarea>
<!-- Honeypot protection -->
<input type="hidden" name="_gotcha">
<!-- CAPTCHA (choose one) -->
<div class="h-captcha" data-sitekey="YOUR_SITE_KEY"></div>
<button type="submit">Submit</button>
</form>
Recommended Combinations: - Basic Protection: Honeypot + Duplicate Filter + Valid Email Filter + Domain Restrictions - Enhanced Protection: Above + Geographic Filter + Language Filter - Maximum Protection: Above + CAPTCHA + Custom Filters
Backend Filter Configuration
Enable multiple backend filters for comprehensive protection:
- SpamCheck.ai (automatic)
- Duplicate Filter
- Valid Email Filter
- Burner Email Filter
- Country Filter
- Language Filter
- Domain Restrictions
- Lead Agent Threshold
Monitoring and Management
Spam Summary Emails
Stay informed about your spam protection effectiveness:
- Go to Form → Settings → Notifications
- Enable Spam Summary Emails
- Choose frequency (daily, weekly, monthly)
Webhook Integration
Configure webhooks to trigger regardless of spam status:
- Navigate to Form → Settings → Webhooks
- Enable webhook for all submissions
- Handle spam status in your webhook handler
Regular Monitoring
Best Practices: - Review spam folder weekly - Monitor false positive rates - Adjust thresholds based on results - Update filters seasonally
Spam Retention
Basin retains spam for 30 days before permanent deletion. Review regularly to catch false positives.
Troubleshooting Common Issues
High False Positive Rate
Solutions: - Lower sensitivity thresholds - Whitelist legitimate domains/URLs - Review and adjust geographic filters - Check language detection settings
Spam Still Getting Through
Solutions: - Enable additional filters - Implement honeypot fields - Add CAPTCHA protection - Tighten geographic restrictions - Review and update blocked domains
Legitimate Submissions Blocked
Solutions: - Check spam folder regularly - Review filter configurations - Adjust threshold settings - Whitelist legitimate sources - Enable webhook notifications
Support and Resources
For additional support with advanced spam protection features, contact Basin support or refer to our comprehensive documentation.