Lots of spam today

[marklcfc]

In the past hour I’ve had around 40 spam failure to deliver messages. It’s happened twice in that hour, around 20 times within a minute, different emails in every failure.

Its happening through the post through register from what I see, but how they are doing it so fast I don’t know. Any ideas? I’ve turned it off temporarily

Example of one

Edited March 30, 2022 by marklcfc

[opentype]

Probably bots. The Google captcha (if used) is not a big problem for them. I solved this problem by switching to the 3rd-party implementation of hCaptcha. 

[marklcfc]

Just now, opentype said:

Probably bots. The Google captcha (if used) is not a big problem for them. I solved this problem by switching to the 3rd-party implementation of hCaptcha. 

On spam prevention I have Invisible reCAPTCHA selected

[Jim M]

Would guess some form of automated bots and they are getting stopped at your registration page. Being the "did you forget?" email is being sent now, this spam attack happened about a week ago.

1 minute ago, marklcfc said:

Invisible reCAPTCHA selected

This is Google's CAPTCHA.

[marklcfc]

42 minutes ago, Jim M said:

Would guess some form of automated bots and they are getting stopped at your registration page. Being the "did you forget?" email is being sent now, this spam attack happened about a week ago.

43 minutes ago, marklcfc said:

So there's no way to stop it? I'm still getting lots of these emails email failures

[Randy Calvert]

Look at the CleanTalk plugin. It’s done a great job of reducing spam registrations and Contact Us spam messages. 

[Jim M]

16 minutes ago, marklcfc said:

So there's no way to stop it? I'm still getting lots of these emails email failures

I'm afraid, there is no built-in method to do so. I have transferred this to a ticket though to see if we can clean up any of this for you.

[marklcfc]

On 3/30/2022 at 6:12 PM, opentype said:

Probably bots. The Google captcha (if used) is not a big problem for them. I solved this problem by switching to the 3rd-party implementation of hCaptcha. 

Is this what you’re using 

 

[opentype]

Yes.

[Hostingunlock]

add question in the registry difficult to answer that's why spam

[marklcfc]

2 hours ago, Hostingunlock said:

add question in the registry difficult to answer that's why spam

Can I for the post before register page?

[Marc Stridgen]

These will not be asked on post before register, no

[CheersnGears]

@marklcfc - get the Cleantalk plug-in. It's $8 a year and works really well to block bad bots.

[marklcfc]

1 hour ago, CheersnGears said:

@marklcfc - get the Cleantalk plug-in. It's $8 a year and works really well to block bad bots.

This one? Isn't showing a price. And do you just install it and it works or any other setting up?

Isn

[Randy Calvert]

8 minutes ago, marklcfc said:

This one? Isn't showing a price. And do you just install it and it works or any other setting up?

Isn

Yes.  The plugin is free to install, but for protection to work...  you need an activation key that you get from purchasing on their site.  In terms of settings...  it's pretty simple:

There is one other field below this space for your registration key and that's it.  

Their website portal shows all of the activity such as blocks/allows, etc.  

[CheersnGears]

14 minutes ago, marklcfc said:

This one? Isn't showing a price. And do you just install it and it works or any other setting up?

Isn

Yes, that one. The plug-in is free, but you need to buy the yearly subscription for $8.

If you're not an international site you might want to buy up to the plan that lets you blacklist certain countries. It's slightly more, but still very worth it.

[marklcfc]

Does it affect post before register though? That's where I'm getting spam through and nowhere else

[Sonya*]

13 minutes ago, marklcfc said:

Does it affect post before register though? That's where I'm getting spam through and nowhere else

It does not prevent writing and submitting. But you do not see those posts anywhere in your community till the user registers and confirms his email. CleanTalk will prevent registering spam users. Their spam posts (that you'll never see) are deleted automatically by IPS after some time.

[marklcfc]

The actual users don't end up registering or in validating though, I just get a load of spam emails whenever Post before register is turned on.

Edited April 11, 2022 by marklcfc

[Sonya*]

I see.

I use a different e-mail address for outgoing e-mails. This is a kind of noreply@mycommunity.com. This e-mail does not accept any e-mails. That's why I do not see any Mail Delivery Failure from those who use invalid mails. Incoming mails go to a fully functional e-mail address. Probably this is an approach for you.

[Marc Stridgen]

Its not spam emails you are getting there. Its delivery fails because the email addresses dont exist. There is little that can really be done to prevent that

[Randy Calvert]

You can also just create a server rule to automatically delete those messages as well.  

[marklcfc]

2 hours ago, Sonya* said:

I see.

I use a different e-mail address for outgoing e-mails. This is a kind of noreply@mycommunity.com. This e-mail does not accept any e-mails. That's why I do not see any Mail Delivery Failure from those who use invalid mails. Incoming mails go to a fully functional e-mail address. Probably this is an approach for you.

I would do that, but I've set it all up in amazon ses, guessing I'd have to set up a new email in ses called noreply@mysite to do that. But then I assume I'm still going to get the failures and I'm only bothered by it as I suspect it will harm my reputation on there having all these delivery failures which are so frequent when post before register is active.

My bounce rate is quite high now and that's with me having post before register off for a while now

49 minutes ago, Randy Calvert said:

You can also just create a server rule to automatically delete those messages as well.  

How exactly and would that help with Amazon ses reputation or not?

Edited April 11, 2022 by marklcfc

[Randy Calvert]

You have two different issues here.  The mailer daemon messages can be disabled within your SES settings so you don't even generate them. That will remove you getting notices about bounces via email.

Under your Notification settings, disable email notification.

Now...  regarding your reputation...  this is indifferent.  It's not going to help OR hurt you.  

Regarding improving your reputation, you need to figure out why emails are bounding.  I personally used SESDashboard.  https://sesdashboard.com/#features

You can set SNS to deliver notifications of all successful and failed messages to the dashboard so you can see what is happening.  I personally will go through and look at bounced messages to see if it's legit members who have an old email address, etc.   If you're using SES with IPB, I assume you're using 

Make sure your bounce management is configured and working.  I personally for hard bounces have users changed to the validating group so they're forced to update their email address.  If it's a complaint, I set the account to "Temporarily Banned".  (If they want to stay a member, they're forced to reach out to me and I can educate them about not reporting our mail as spam.  Otherwise, they can stay banned.)

[marklcfc]

1 hour ago, Randy Calvert said:

You have two different issues here.  The mailer daemon messages can be disabled within your SES settings so you don't even generate them. That will remove you getting notices about bounces via email.

Under your Notification settings, disable email notification.

Does this just mean that the emails will continue to bounce but I just won't be notified about it? so I won't be aware of how often it's happening.

Edited April 11, 2022 by marklcfc