Jump to content
Memorial Day and Spring Bank Holiday Closing ×

Spam via Contact Us - Call to Arms!

The Old Man

By The Old Man
in Feedback

 Share

Recommended Posts

Fosters Veteran

Fosters

Posted
Posted
8 minutes ago, Black Tiger said:

 

 

Sorry, this is not quite English (neither am I) and I don't understand the meaning of this sentence.

The point is that I can decide myself to add ip ranges to a blacklist. They can't access it anymore then.

Thats true. 

Link to comment
Share on other sites
  • Replies 57
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

The Old Man
The Old Man

Hi IPS, Any news on adding spam protection features to the Contact Us facility? My clients and I are currently being spammed senseless with the most blatant, clear as crystal offers of illeg

Dean Spencer
Dean Spencer

I had this issue long ago and I fixed it....but since then my life has become horrible.  No longer do girls in my area wanna meet me, no longer do I get ad's for free weed, and it's been a while since

LiquidFractal
LiquidFractal

If it makes you feel better I'd be happy to offer you an interest free loan of up to $100,000, no credit history required.  All I need is your credit card details sent to my website at http://wtfomglo

Posted Images

Sonya* Grand Master

Sonya*

Posted
Posted
35 minutes ago, Black Tiger said:

All nice idea's, but adding the abuser's ip is just a little feature question, should be easy to do too.

Automatic spam programs change IPs like underwear. Sometimes they use IPs that real users can use as well. I would not rely on IP at all.

Link to comment
Share on other sites
Black Tiger Collaborator

Black Tiger

Posted
Posted

@Sonya*True but that's a choice. In my case 99,9% spammers are comming from certain country's which I block and from dedicated servers, from which normally no users login, like servers from OVH for example.

I almost never see IP's that real users can use and ofcourse then I don't block them. But as said, that is a choice and implemeting the ip with the form can be done in half a minute.

 

Link to comment
Share on other sites
Joel R Mentor

Joel R

Posted
Posted
4 hours ago, Dean Spencer said:

I had this issue long ago and I fixed it....but since then my life has become horrible.  No longer do girls in my area wanna meet me, no longer do I get ad's for free weed, and it's been a while since I heard about the guy who told me my russian grandmother passed away and left me 100 million dollars... 

The hard and brutal life of a community admin LOL 

Link to comment
Share on other sites
LiquidFractal Mentor

LiquidFractal

Posted
Posted (edited)
4 hours ago, Dean Spencer said:

I had this issue long ago and I fixed it....but since then my life has become horrible.  No longer do girls in my area wanna meet me, no longer do I get ad's for free weed, and it's been a while since I heard about the guy who told me my russian grandmother passed away and left me 100 million dollars... 

If it makes you feel better I'd be happy to offer you an interest free loan of up to $100,000, no credit history required.  All I need is your credit card details sent to my website at http://wtfomgloleduardossalsaparlorandchainsawrepair.io.mx.co.ec.me.

Edited by liquidfractal
Link to comment
Share on other sites
Misi Enthusiast

Misi

Posted
Posted
5 hours ago, Dean Spencer said:

but since then my life has become horrible.  No longer do girls in my area wanna meet me, no longer do I get ad's for free weed, and it's been a while since I heard about the guy who told me my russian grandmother passed away and left me 100 million dollars... 

Hehe...Those offers are coming to me now!

But because I have a good heart I may redirect half of them to your email address free of charge...
...all of them for a cent for each.

My bank account number at the Whole Universe Bank: 1234 567890

Link to comment
Share on other sites
  • 1 year later...
  • 1 month later...
SeNioR- Grand Master

SeNioR-

Posted
Posted (edited)
8 hours ago, hawksfan said:

Can we please get the addition of the question/answer challenge on the contact us form? Captcha is not adequate any longer.

I had Google reCAPTCHA but still got spam. I added Q&A via plugin but it didn't help. I don't know how the bots / spammers were bypassing these security features. I had to restrict guest access since then I don't get spam anymore.

My Q&A plugin (current waitning for approval)

 

Edited by SeNioR-
Link to comment
Share on other sites
MEVi Community Regular

MEVi

Posted
Posted
On 6/21/2018 at 5:04 PM, bfarber said:

We have discussed this, but it's tricky. For instance, I considered looking at calling our IPS Spam Service for emails sent through the contact form, but we decided that this couldn't be done because a valid user who was blocked from registration by the spam service would then have absolutely no way to contact the site admin to let them know or get assistance.

Unfortunately, if you leave a contact form in place, spammers will use it. It's tricky to block spam effectively here without resorting to "hacks" (like scanning the email for specific text which may not actually be indicative of spam).

Would it be possible that if the user is identified as a spammer, it sends this request to a defined email address instead of creating a support ticket?

Link to comment
Share on other sites
zyx Collaborator

zyx

Posted
Posted
On 1/30/2021 at 7:15 AM, hawksfan said:

Can we please get the addition of the question/answer challenge on the contact us form? Captcha is not adequate any longer.

Agreed!

Question and answer seems to work great, as we get hardly any spam bots registering/posting, yet the contact us form is flooded with them! 

Since question & answer is already built into IPS, hopefully this would be possible to integrate to the contact us form too? 🙏

Link to comment
Share on other sites
Sonya* Grand Master

Sonya*

Posted
Posted (edited)
8 hours ago, Paul E. said:

Are you all certain the spam is coming via the form rather than emailed to the community account?

We have thousands of messages inbound in contact us and the only spam we see is targeted stuff intentionally sent to us by someone trying to market to us.

In my case, 99% of spam comes through contact form. See my logs in the review of the plugin 

You can stop bots, but you cannot stop human that really fill out the forms. In my experience, the best way to stop spam is to block their IP addresses, their E-Mails and to investigate the E-Mail content to find spam links in it. The plugin above is ready to use and free for 7 days. It is worth to test it.

Edited by Sonya*
Link to comment
Share on other sites
CoffeeCake Veteran

CoffeeCake

Posted
Posted
6 hours ago, Sonya* said:

The plugin above is ready to use and free for 7 days. It is worth to test it.

Interesting, I didn't realize it worked on registration as well. We have had to resort to denying registrations from a particular country because of the amounts of registrants creating accounts to post spam on the community (not contact form, actual posts) originating from those locations. They all are created by humans. I'd be interested to see if we lifted the country restriction and put this in place instead to see if it would catch it.

They rotate amongst a number of the country's mobile providers. I assume it's people working in farms.

Link to comment
Share on other sites
  • 1 month later...
The Old Man Grand Master

The Old Man

Posted
  • Author
Posted

I get this particular PITA spamming me from the Contact Form about 4 times a week, every week for months now.
His IP may change, but the email address never does. 

eric.jones.z.mail@gmail.com


Honestly it drives me nuts that I can't simply block him by adding his email address to the existing IPS AdminCP email blacklist facility. A quick check of that list by the contact form would sort it.

I can't flag his emails as spam in my mail client, because then I'd be reporting my owner server and shooting myself in the foot in terms of anti spam blacklists (because the email is sent via my server), such is the nature of contact form spam. I increased the strength of the Google Recapcha in their settings but no joy. 
 

I can't use the spam filters in CPanel because the form sends the external message, he doesn't spam via a traditional mail client.

The From field sent by IPS is my sites email address, not the email addresses of the spammer, which may be RFC compliant in doing so but doesn't help.

I set up DKIM, SPF and DMARC correctly but that actually works against me, because Spam Assassin is rating my server and reduces the spam score. 

Subject: A user sent a message via the contact form
From: "Eric Jones" <my sites email address>
X-Spam-Status: No, score=4.3
X-Spam-Score: 43
X-Spam-Bar: ++++
X-Ham-Report: Spam detection software, running on the system "vpsxxx.myserver.com",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 root\@localhost for details.
 Content preview:  A user has sent a message using the Contact Us form. ----
   Eric Jones ( eric.jones.z.mail@gmail.com ) said: 
 Content analysis details:   (4.3 points, 5.0 required)
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
 -0.0 SPF_PASS               SPF: sender matches SPF record
  0.0 HTML_MESSAGE           BODY: HTML included in message
 -0.1 DKIM_VALID             Message has at least one valid DKIM or DK signature
  0.1 DKIM_SIGNED            Message has a DKIM or DK signature, not necessarily
                             valid
 -0.1 DKIM_VALID_EF          Message has a valid DKIM or DK signature from
                             envelope-from domain
 -0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from
                             author's domain
  2.0 PYZOR_CHECK            Listed in Pyzor
                             (https://pyzor.readthedocs.io/en/latest/)
  2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From
  0.0 TO_EQ_FM_DIRECT_MX     To == From and direct-to-MX
X-Spam-Flag: NO
X-From-Rewrite: unmodified, no actual sender determined from check mail permissions

My email goes through Sparkpost, so technically I'm sending the spam (from my server and it has my email address in the From field) which puts me at risk from their policies.

I think that simply manually blacklisting an email address in AdminCP is worthwhile, doesn't have any negative aspects in terms of legitimate users being able to get through. It won't block the first email but at least we could do something about it.

 

Link to comment
Share on other sites
CoffeeCake Veteran

CoffeeCake

Posted
Posted
8 hours ago, The Old Man said:

I think that simply manually blacklisting an email address in AdminCP is worthwhile, doesn't have any negative aspects in terms of legitimate users being able to get through. It won't block the first email but at least we could do something about it.

If you integrate with the Commerce support tool, there is a setting where you can add filters to ignore things like e-mails from a specific e-mail address.

Link to comment
Share on other sites
MEVi Community Regular

MEVi

Posted
Posted

The contact module has become the joke with spammers.

When a member is banned or an email address is missing, the contact module does not take it into account, would it be possible to modify its behavior:

For example if the email address is black listed in the forum, then the message will be sent directly to the webmaster email address, otherwise it opens a ticket in the support.

Link to comment
Share on other sites
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Invision Community © 2024 IPS, Inc.
×
×
  • Create New...