Spam via Contact Us - Call to Arms!

[Fosters]

8 minutes ago, Black Tiger said:

 

 

Sorry, this is not quite English (neither am I) and I don't understand the meaning of this sentence.

The point is that I can decide myself to add ip ranges to a blacklist. They can't access it anymore then.

Thats true. 

[Sonya*]

35 minutes ago, Black Tiger said:

All nice idea's, but adding the abuser's ip is just a little feature question, should be easy to do too.

Automatic spam programs change IPs like underwear. Sometimes they use IPs that real users can use as well. I would not rely on IP at all.

[Black Tiger]

@Sonya*True but that's a choice. In my case 99,9% spammers are comming from certain country's which I block and from dedicated servers, from which normally no users login, like servers from OVH for example.

I almost never see IP's that real users can use and ofcourse then I don't block them. But as said, that is a choice and implemeting the ip with the form can be done in half a minute.

 

[Fosters]

Ive just added s new feature... Our spam prevention suite will check  the banned IP addresses for the contact us form in the next release 🙂 so once the IP or the members was banned, they won’t be able to access the contact us form . 

[Black Tiger]

That's great, but you still need the ip to use this option then. 😉 At this point only possible for (former) members then.

[Fosters]

Yea, as I said, you had a valid point 

🙂 

[Dean Spencer]

I had this issue long ago and I fixed it....but since then my life has become horrible.  No longer do girls in my area wanna meet me, no longer do I get ad's for free weed, and it's been a while since I heard about the guy who told me my russian grandmother passed away and left me 100 million dollars... 

[Joel R]

4 hours ago, Dean Spencer said:

I had this issue long ago and I fixed it....but since then my life has become horrible.  No longer do girls in my area wanna meet me, no longer do I get ad's for free weed, and it's been a while since I heard about the guy who told me my russian grandmother passed away and left me 100 million dollars... 

The hard and brutal life of a community admin LOL 

[LiquidFractal]

4 hours ago, Dean Spencer said:

I had this issue long ago and I fixed it....but since then my life has become horrible.  No longer do girls in my area wanna meet me, no longer do I get ad's for free weed, and it's been a while since I heard about the guy who told me my russian grandmother passed away and left me 100 million dollars... 

If it makes you feel better I'd be happy to offer you an interest free loan of up to $100,000, no credit history required.  All I need is your credit card details sent to my website at http://wtfomgloleduardossalsaparlorandchainsawrepair.io.mx.co.ec.me.

Edited May 26, 2019 by liquidfractal

[Misi]

5 hours ago, Dean Spencer said:

but since then my life has become horrible.  No longer do girls in my area wanna meet me, no longer do I get ad's for free weed, and it's been a while since I heard about the guy who told me my russian grandmother passed away and left me 100 million dollars... 

Hehe...Those offers are coming to me now!

But because I have a good heart I may redirect half of them to your email address free of charge...
...all of them for a cent for each.

My bank account number at the Whole Universe Bank: 1234 567890

[Jamer]

I am also receiving far too many emails (spam) via the contact us form.

[hawksfan]

Can we please get the addition of the question/answer challenge on the contact us form? Captcha is not adequate any longer.

Edited January 30, 2021 by hawksfan

[SeNioR-]

8 hours ago, hawksfan said:

Can we please get the addition of the question/answer challenge on the contact us form? Captcha is not adequate any longer.

I had Google reCAPTCHA but still got spam. I added Q&A via plugin but it didn't help. I don't know how the bots / spammers were bypassing these security features. I had to restrict guest access since then I don't get spam anymore.

My Q&A plugin (current waitning for approval)

 

Edited January 30, 2021 by SeNioR-

[MEVi]

On 6/21/2018 at 5:04 PM, bfarber said:

We have discussed this, but it's tricky. For instance, I considered looking at calling our IPS Spam Service for emails sent through the contact form, but we decided that this couldn't be done because a valid user who was blocked from registration by the spam service would then have absolutely no way to contact the site admin to let them know or get assistance.

Unfortunately, if you leave a contact form in place, spammers will use it. It's tricky to block spam effectively here without resorting to "hacks" (like scanning the email for specific text which may not actually be indicative of spam).

Would it be possible that if the user is identified as a spammer, it sends this request to a defined email address instead of creating a support ticket?

[zyx]

On 1/30/2021 at 7:15 AM, hawksfan said:

Can we please get the addition of the question/answer challenge on the contact us form? Captcha is not adequate any longer.

Agreed!

Question and answer seems to work great, as we get hardly any spam bots registering/posting, yet the contact us form is flooded with them! 

Since question & answer is already built into IPS, hopefully this would be possible to integrate to the contact us form too? 🙏

[CoffeeCake]

Are you all certain the spam is coming via the form rather than emailed to the community account?

We have thousands of messages inbound in contact us and the only spam we see is targeted stuff intentionally sent to us by someone trying to market to us.

[Sonya*]

8 hours ago, Paul E. said:

Are you all certain the spam is coming via the form rather than emailed to the community account?

We have thousands of messages inbound in contact us and the only spam we see is targeted stuff intentionally sent to us by someone trying to market to us.

In my case, 99% of spam comes through contact form. See my logs in the review of the plugin 

You can stop bots, but you cannot stop human that really fill out the forms. In my experience, the best way to stop spam is to block their IP addresses, their E-Mails and to investigate the E-Mail content to find spam links in it. The plugin above is ready to use and free for 7 days. It is worth to test it.

Edited February 4, 2021 by Sonya*

[CoffeeCake]

6 hours ago, Sonya* said:

The plugin above is ready to use and free for 7 days. It is worth to test it.

Interesting, I didn't realize it worked on registration as well. We have had to resort to denying registrations from a particular country because of the amounts of registrants creating accounts to post spam on the community (not contact form, actual posts) originating from those locations. They all are created by humans. I'd be interested to see if we lifted the country restriction and put this in place instead to see if it would catch it.

They rotate amongst a number of the country's mobile providers. I assume it's people working in farms.

[The Old Man]

I get this particular PITA spamming me from the Contact Form about 4 times a week, every week for months now.
His IP may change, but the email address never does.

eric.jones.z.mail@gmail.com

Honestly it drives me nuts that I can't simply block him by adding his email address to the existing IPS AdminCP email blacklist facility. A quick check of that list by the contact form would sort it.

I can't flag his emails as spam in my mail client, because then I'd be reporting my owner server and shooting myself in the foot in terms of anti spam blacklists (because the email is sent via my server), such is the nature of contact form spam. I increased the strength of the Google Recapcha in their settings but no joy. 
 

I can't use the spam filters in CPanel because the form sends the external message, he doesn't spam via a traditional mail client.

The From field sent by IPS is my sites email address, not the email addresses of the spammer, which may be RFC compliant in doing so but doesn't help.

I set up DKIM, SPF and DMARC correctly but that actually works against me, because Spam Assassin is rating my server and reduces the spam score.

Subject: A user sent a message via the contact form
From: "Eric Jones" <my sites email address>
X-Spam-Status: No, score=4.3
X-Spam-Score: 43
X-Spam-Bar: ++++
X-Ham-Report: Spam detection software, running on the system "vpsxxx.myserver.com",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 root\@localhost for details.
 Content preview:  A user has sent a message using the Contact Us form. ----
   Eric Jones ( eric.jones.z.mail@gmail.com ) said: 
 Content analysis details:   (4.3 points, 5.0 required)
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
 -0.0 SPF_PASS               SPF: sender matches SPF record
  0.0 HTML_MESSAGE           BODY: HTML included in message
 -0.1 DKIM_VALID             Message has at least one valid DKIM or DK signature
  0.1 DKIM_SIGNED            Message has a DKIM or DK signature, not necessarily
                             valid
 -0.1 DKIM_VALID_EF          Message has a valid DKIM or DK signature from
                             envelope-from domain
 -0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from
                             author's domain
  2.0 PYZOR_CHECK            Listed in Pyzor
                             (https://pyzor.readthedocs.io/en/latest/)
  2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From
  0.0 TO_EQ_FM_DIRECT_MX     To == From and direct-to-MX
X-Spam-Flag: NO
X-From-Rewrite: unmodified, no actual sender determined from check mail permissions

My email goes through Sparkpost, so technically I'm sending the spam (from my server and it has my email address in the From field) which puts me at risk from their policies.

I think that simply manually blacklisting an email address in AdminCP is worthwhile, doesn't have any negative aspects in terms of legitimate users being able to get through. It won't block the first email but at least we could do something about it.

 

[Nathan Explosion]

5 hours ago, The Old Man said:

A quick check of that list by the contact form would sort it.

Freebie plugin pending approval now:

 

[CoffeeCake]

8 hours ago, The Old Man said:

I think that simply manually blacklisting an email address in AdminCP is worthwhile, doesn't have any negative aspects in terms of legitimate users being able to get through. It won't block the first email but at least we could do something about it.

If you integrate with the Commerce support tool, there is a setting where you can add filters to ignore things like e-mails from a specific e-mail address.

[The Old Man]

Thanks @Nathan Explosion just installed. That's what I'm talking about!

[MEVi]

The contact module has become the joke with spammers.

When a member is banned or an email address is missing, the contact module does not take it into account, would it be possible to modify its behavior:

For example if the email address is black listed in the forum, then the message will be sent directly to the webmaster email address, otherwise it opens a ticket in the support.

[Interferon]

We have a "contact" page on our site, and the email address is shown in an image that looks like text on the page. No problems for years.

[SeNioR-]

Guys, create contact form here https://freshdesk.com/ and link into forum.