I am at a loss for words.

Personal SPAM is one thing. Business SPAM, coming from your online forms, is another. It is best to understand the problem before attempting to implement a solution. Generally, I classify form SPAM into 1 of 2 categories:

1. Form hijacking attempts
2. Automated scripts

Strategies to tackle both types rely on tightening form validation and security. Hijacking attempts are much more of serious problem, because the attack is trying to use your form and mail server to send out SPAM to hundreds or thousands of other people. Identifying hijacking attempts can sometimes be tricky, but if you see a lot of bounced back SPAM originating FROM your servers, you should definately start investigating.

Here are some things you can to do to curb your form SPAM issues:

1. Enforce tight server side validation - Javascript validation is lazy and useless. Most of these attempts come from automated scripts that won’t ever hit your javascript.
   1. Make sure form values don’t include email header data
   2. Validate form data based on type and strip out HTML code
   3. Limit the number of characters to something reasonable
   4. Check for certain words, phrases, or code that might lead you to believe its SPAM
   5. Never pass critical mailing data as hidden fields (such as the mail to address)
2. Use CAPATCHA - makes the submitter enter in some words, letters or numbers in an image before submitting the form. This ensures that the form is being submitted by an actual person and not an automated script.
3. Validate user sessions - for each visitor, create a unique session. Store a random and unique value on the server. Include that value as a hidden fields on the form, and validate it against the value stored on the server. If it is an automated script completing the form, that value will most likely be wrong.
4. Log IP addresses - chances are that someone at an IP is not going to submit your form multiple times over a short period of time. Keep track of this and use some validation to restrict and detect.

Tightening your validation is the most critical step in stopping form SPAM. If you have a vulnerability in your form, adding CAPATCHA won’t stop someone from exploiting it. Post your form if you want us to run some checks.

We had an interesting discussion over here yesterday. The question was: does Google use keyword, behavioral, and/or aggregate data from Google Analytics as part of its algorithms? There were two sides to the argument:

1. Yes, it provides a 360 degree view of the search experience which it can then use to improve the final search experience (and make more money).
2. No, it would violate privacy and would generally be wrong and there is no need to use that data for the company’s gain.

After some research into the Google Analytics Terms of Service, we discovered that using that data would not be a violation.

6. INFORMATION RIGHTS AND PUBLICITY . Google and its wholly owned subsidiaries may retain and use, subject to the terms of its Privacy Policy (located at http://www.google.com/privacy.html , or such other URL as Google may provide from time to time), information collected in Your use of the Service.

We cannot confirm whether or not the data is actually part of their algorithms, but it would be extremely hard to believe that Google, a company that’s primary purpose is to store, organize, and rank data, keeps each of its products in their own little bubble. So how could this data be used to enhance search results?

1. Google can better understand user behavior at an industry and keyword level (average time on site, average time for conversions, total conversions, etc) and set benchmarks
2. Understanding behavior past the search engine, they can better predict relevancy factors (Quality Score, overall positioning), click fraud and ways to maximize revenue

So assuming your site is well optimized for both search engines and conversions (because Google Analytics or not, Google knows a crappy site when it sees one) the ultimate question is could running Google Analytics give you an extra boost?

We don’t full understand how all these variables impact your SEM, but we believe they are all pieces of the puzzle.

By now you’ve of heard the long tail theory. Wikipedia defines it as following; “The theory of the Long Tail is that our culture and economy is increasingly shifting away from a focus on a relatively small number of “hits” (mainstream products and markets) at the head of the demand curve and toward a huge number of niches in the tail.” This theory has far reaching implications beyond marketing. However, for the sake of this post, let’s focus on SEO.

Traditionally, this has been applied to keyword research and optimization. Meaning, there was no need to exert too much energy optimizing for VERY competitive keywords. Instead, optimize the entire site, whether it’s a online catalog or content play. And if you do so, the total number of clicks from these “less competitive” keywords will equal or exceed the total number of clicks from the VERY competitive keywords. Ok, so what does Compete.com contribution?

According to a recent post, Compete suggests that, “[T]he top 1% of searchers performs a full 13% of all searches in a given month.” Breaking this out by engine, Compete says, “70% of search queries in September were performed by 20% of Google searchers. For Yahoo! the concentration increased to 73% and for MSN/Live searchers 75% of the queries were performed by the top 20%.” Meaning, that most of the search query volume at the major search engines is driven by a relatively small number of search engine users: power searchers. What interesting about this notion is how marketers are spending their online dollars.

SitePoint has a great article entitled Web Site Optimization: 13 Simple Steps detailing some great ways to improve the performance of your site.

Inspired by Yahoo’s best practices for speeding up your website, the article details some more practical details for the average website as well as greater detail on implementing the changes.

To analyze your sites performance, get Yahoo’s FireFox/FireBug plugin YSlow.

In a nutshell, here are some of the best tips in the article:

1. Decrease file sizes - writing efficient HTML, CSS and Javascript will help to reduce file size, page load times, and often times SEO efforts
2. Optimize external files, such as CSS and Javascript - Combine multiple style sheets or Javascript files into one
3. Compress your HTML, CSS and Javascript - use Apache’s gzip/deflate to server compressed version of your pages to compatible browsers