Spam Filtering

Your time is limited, so we want to make sure the only submission data that hits your inbox is sent by humans, not bots.

Built-in Protection


We use a combination of Akismet and CleanTalk to assess the legitimacy of your form's submission content. Since submissions come in a variety of formats and structures, this methed can be too agressive or seem inconsistent for some use cases.

If you feel like too many spam submissions are making their way to your inbox on our default settings, we recommend implementing Google's reCAPTCHA which uses page context and user behavior instead of submission content.

Google reCAPTCHA


If you want to you detect abusive submissions to your forms with limited user friction, Google reCAPTCHA is your best bet. It offers the best level of protection and consistency in terms of spam filtering, but it takes a little bit of work to setup.

Basin supports both click and invisible reCATPCHA. Choose and use one only.
Step 1 — Add script tag to your page

You must add the following script tag somewhere outside of your form code and before the closing head tag. If you place it inside the form div, then reCAPTCHA won't initialize.

HTML
<script src="https://www.google.com/recaptcha/api.js" async defer></script>
Step 2 — Add reCAPTCHA div to your form code

Your reCAPTCHA must contain the same sitekey as shown in the code snippet below. If you use a different sitekey, reCAPTCHA will not work.

HTML
<div class="g-recaptcha" data-sitekey="6Lew3SMUAAAAAJ82QoS7gqOTkRI_dhYrFy1f7Sqy"></div>
Step 3 — Enable 'Require Valid reCAPTCHA response'

This setting is found within your form's 'Edit' tab in the dashboard. Enabling this ensures all form submissions must be accompanied by a successful reCAPTCHA.

Setup invisible reCAPTCHAOptional

If you'd rather not having the default styling of the reCAPTCHA conflict with your form's style, you can hide it instead using the code snippet below. Remember to keep the data-sitekey as shown.

HTML
<script>
function onSubmit(token) {
document.getElementById("invisible-recaptcha-form").submit();
}
</script>
 
<form id="invisible-recaptcha-form">
...
<button class="g-recaptcha" data- sitekey="6Lew3SMUAAAAAJ82QoS7gqOTkRI_dhYrFy1f7Sqy" data-callback='onSubmit' data-badge="inline">Submit</button>
</form>
Hide Google's attribution badgeOptional

If you want to hide Google's attribute, you can use the CSS below. Simply include it anywhere outside of your form tags, or to your custom stylesheet.

CSS
<style>
.grecaptcha-badge {
display: none;
}
</style>

Honeypot


This technique can be used in conjunction with our supported spam filtering methods. By including a hidden field in your form for spam bots to fill out, the submission will be ignored when a value is entered and submitted.

HTML
<form accept-charset="UTF-8" action="https://usebasin.com/f/1a2b3c4d5e6f" method="POST">
...
<input type="hidden" name="_gotcha"></input>
...
</form>