Jump to content

E-mail Hijacked


Recommended Posts

Hey folks,

This is a first for us. Basically our e-mail got hijacked and our forum is spamming endlessly to random e-mails from around the world. We checked out the something is wrong page to contact support and there is this optional upgrade: " prevents spam from being sent via the email sharer and resolves an issue with forums being hidden "

image.thumb.png.02ef9f98f4d32ae35f7dc1b0b19162ca.png

Now I'm really hoping this event correlates to this patch but we've already exhausted our 150k sending limit for the month so this has really put a hindrance on our domain name.

How do we clear the cron or backlog of e-mails? Our forum is still trying to send e-mails every second, whoever hijacked this must have injected hundreds of thousands. This is a pretty serious issue for us so if anyone can help us out please advise.

image.thumb.png.ef61452eb758e81ed7d36ea0d12dcbce.png

Link to comment
Share on other sites

check and make sure share via email is disabled, attackers use this and then modify the content and title

I got burned after spammer used this 'feature' to sent one million emails, I wish IPS is more open communicating potential loopholes with its customers, even the expired ones

 

with that said, you may try running sql to clear the backlog in your db

Link to comment
Share on other sites

8 hours ago, Eudemon said:

I wish IPS is more open communicating potential loopholes with its customers, even the expired ones

We currently have this message showing regardless of license status for communities that may be affected (it looks like the OP's screenshot was taken after the patch was applied, so it wasn't visible)..

image.png

 

8 hours ago, Nicholas Hadjiev said:

How do we clear the cron or backlog of e-mails? Our forum is still trying to send e-mails every second, whoever hijacked this must have injected hundreds of thousands. This is a pretty serious issue for us so if anyone can help us out please advise.

This isn't a 'backlog' as such, it's an error log showing emails that have failed to send.. These emails will not be sent unless you manually click the resend button on the right. The error log records are pruned after a period of time (30 days by default). You can safely leave those record if you wish and they will remove themselves.

Link to comment
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...