Spam via Contact Us page

Get help with installation and running phpBB 3.1.x here. Please do not post bug reports, feature requests, or extension related questions here.
Suggested Hosts
Forum rules
READ: phpBB.com Board-Wide Rules and Regulations

NOTE: phpBB 3.1.x is at its End of Life stage and support will NOT be provided after July 1st, 2018.
Swanny
Registered User
Posts: 427
Joined: Sun Apr 14, 2002 2:11 am
Location: Canada

Spam via Contact Us page

Post by Swanny » Thu Oct 30, 2014 7:46 pm

Well I guess I should have seen this coming. Spammers are sending messages through the built-in Contact Us page that I enabled on my 3.1 installation.

Is there a way to enable my Q&A that is very successful on registration and port it over to be also used on the Contact Us page when a user is not logged in?

I can go in and block IP addresses after I get the spam but it would be nice to stop it before it starts.

User avatar
noth
Registered User
Posts: 2471
Joined: Fri Jan 07, 2005 7:10 pm
Location: North Surrey
Contact:

Re: Spam via Contact Us page

Post by noth » Thu Oct 30, 2014 8:03 pm

yikes, I never thought of that

I have already had some genuine emails through that

:x yeah, hmmm what a shock!

User avatar
nickvergessen
Former Team Member
Posts: 4397
Joined: Mon Apr 30, 2007 5:33 pm
Location: Stuttgart, Germany
Name: Joas Schilling
Contact:

Re: Spam via Contact Us page

Post by nickvergessen » Thu Oct 30, 2014 8:50 pm

The problem is that we use the contact form as "Help" when a user can not solve the captcha.
We use the contact form instead of giving out the email adress of the administrator directly.

If this does not work for you, you can just disable the contact form in the ACP, then the email adress is displayed again like in 3.0
No Support via PM

Swanny
Registered User
Posts: 427
Joined: Sun Apr 14, 2002 2:11 am
Location: Canada

Re: Spam via Contact Us page

Post by Swanny » Thu Oct 30, 2014 10:36 pm

I intend to put the link to the Contact page in the footer of the rest of my site too, and use it as a built-in feedback system for anyone to contact me.

The questions that I put in the Q&A are easily solved by a human. I understand the captcha system is easily "cracked" by automated systems, that's why I was thinking that the Q&A would work well. You could have a simple question there like what is the missing letter in this word?: Pean_t for example.

Is it possible to enable Q&A (not CAPTCHA) as an option for the contact page, which could be toggled on/off in ACP? So if you want an easy contact page, no Q&A but let the admin decide.

mrgtb
Registered User
Posts: 549
Joined: Wed Oct 03, 2007 10:51 am

Re: Spam via Contact Us page

Post by mrgtb » Thu Oct 30, 2014 10:49 pm

nickvergessen wrote:The problem is that we use the contact form as "Help" when a user can not solve the captcha.
We use the contact form instead of giving out the email adress of the administrator directly.

If this does not work for you, you can just disable the contact form in the ACP, then the email adress is displayed again like in 3.0
Another problem is though. If spammers can mass send emails dead easy because of no type of captcha used on the contact us page, that could end up getting your forums email blacklisted pretty easy I would imagine, or even have your host complaining about it.

I have it active on my forum but I'm seriously starting to consider stopping doing it because of those two risks posed by having it enabled knowing spammers could really abuse that and end up backfiring on you. If at any point I see a sudden rise in spam coming from it, it's being disabled.

You say when a user cannot answer captcha. Use Q/A on it then, if they can't answer Q/A questions - then they shouldn't be joining a forum in the first place. I would have thought its use is more for when you ban a member and they contact you wanting to know why, or if you'll unban them again, or somebody has a complaint about something posted on forums (such as copyright issues) etc.

I use a forwarder with my forums email via cPanel (so do many others). So any email sent from admin@forum.co.uk gets redirected to my own hotmail account. What will happen if one day hundreds of spam emails get sent with Viagra and UgBoots, etc - all landing in my hotmail from my forum email address. That could get the forum domain blacklisted as a spam email sender with MSN/hotmail

User avatar
M.O.B.
Registered User
Posts: 906
Joined: Tue Jan 04, 2005 1:07 am
Location: San Diego CA USA
Contact:

Re: Spam via Contact Us page

Post by M.O.B. » Fri Oct 31, 2014 1:42 am

Yes, this particular feature was not thoroughly thought out. :(
Image

User avatar
RMcGirr83
Recognised Extension Developer
Posts: 20991
Joined: Wed Jun 22, 2005 4:33 pm
Location: Your display
Name: Rich McGirr
Contact:

Re: Spam via Contact Us page

Post by RMcGirr83 » Sat Nov 01, 2014 8:08 am

Acutally, IIRC it was pretty heavily debated over at area51
In times of change, learners inherit the earth, while the learned find themselves beautifully equipped to deal with a world that no longer exists - Eric Hoffer
Former Modifications/Extensions Team Member | My extensions
Appreciate the extensions/mods/support then buy me a beer
All requests for support via PM will be ignored

shurijo
Registered User
Posts: 33
Joined: Sun Mar 15, 2015 8:37 pm

Re: Spam via Contact Us page

Post by shurijo » Tue Mar 08, 2016 1:37 pm

Has anyone figured out a solution for this? I'm blocking spammers via email, IP, etc., so now I'm getting hundreds of spam per hour via the Contact us form.

User avatar
KevC
Support Team Member
Support Team Member
Posts: 68466
Joined: Fri Jun 04, 2004 10:44 am
Location: Oxford, UK
Contact:

Re: Spam via Contact Us page

Post by KevC » Tue Mar 08, 2016 1:42 pm

-:|:- Support Request Template -:|:-
Image
Cheap UK Hosting
"In the land of the blind the little green bloke with no pupils is king - init!"

NicoBlog
Registered User
Posts: 65
Joined: Sun Dec 01, 2013 5:18 pm

Re: Spam via Contact Us page

Post by NicoBlog » Sat Feb 10, 2018 11:44 pm

Excuse me but the solution should be an update that adds google's re-captcha to the form, not to install an extension that doesn't even do it.

User avatar
RMcGirr83
Recognised Extension Developer
Posts: 20991
Joined: Wed Jun 22, 2005 4:33 pm
Location: Your display
Name: Rich McGirr
Contact:

Re: Spam via Contact Us page

Post by RMcGirr83 » Sun Feb 11, 2018 12:27 am

In times of change, learners inherit the earth, while the learned find themselves beautifully equipped to deal with a world that no longer exists - Eric Hoffer
Former Modifications/Extensions Team Member | My extensions
Appreciate the extensions/mods/support then buy me a beer
All requests for support via PM will be ignored

User avatar
HiFiKabin
Community Team Member
Community Team Member
Posts: 3328
Joined: Wed May 14, 2014 9:10 am
Location: Swearing at the PC, UK
Name: James
Contact:

Re: Spam via Contact Us page

Post by HiFiKabin » Sun Feb 11, 2018 10:30 am

NicoBlog wrote:
Sat Feb 10, 2018 11:44 pm
Excuse me but the solution should be an update that adds google's re-captcha to the form, not to install an extension that doesn't even do it.
This extension does not need any CAPTCHA to prevent spambots signing up, which is why it does not include one. Rich's extension handles the same problem in a different way.

Choice is always good :mrgreen:

NicoBlog
Registered User
Posts: 65
Joined: Sun Dec 01, 2013 5:18 pm

Re: Spam via Contact Us page

Post by NicoBlog » Sun Feb 11, 2018 1:32 pm

HiFiKabin wrote:
Sun Feb 11, 2018 10:30 am
NicoBlog wrote:
Sat Feb 10, 2018 11:44 pm
Excuse me but the solution should be an update that adds google's re-captcha to the form, not to install an extension that doesn't even do it.
This extension does not need any CAPTCHA to prevent spambots signing up, which is why it does not include one. Rich's extension handles the same problem in a different way.

Choice is always good :mrgreen:
Not compatible with 3.2.
Sorry i use 3.2 i got to this thread trough google search.
RMcGirr83 wrote:
Sun Feb 11, 2018 12:27 am
Then use this
https://www.phpbb.com/customise/db/exte ... act_admin/
Breaks the entire website upon activation.

Code: Select all

[phpBB Debug] PHP Warning: in file [ROOT]/phpbb/di/container_builder.php on line 146: require(./cache/production/autoload_4335734bbdd20f586549a504dff5f80c.php): failed to open stream: No such file or directory

Fatal error: require(): Failed opening required './cache/production/autoload_4335734bbdd20f586549a504dff5f80c.php' (include_path='.:/opt/sp/php7.0/lib/php') in /public/forums/phpbb/di/container_builder.php on line 146

User avatar
RMcGirr83
Recognised Extension Developer
Posts: 20991
Joined: Wed Jun 22, 2005 4:33 pm
Location: Your display
Name: Rich McGirr
Contact:

Re: Spam via Contact Us page

Post by RMcGirr83 » Sun Feb 11, 2018 1:35 pm

Actually, no it doesn't. Your cache folder probably isn't writable or something. I just installed it fine on a test forum that is using PHP 7.0.13.
In times of change, learners inherit the earth, while the learned find themselves beautifully equipped to deal with a world that no longer exists - Eric Hoffer
Former Modifications/Extensions Team Member | My extensions
Appreciate the extensions/mods/support then buy me a beer
All requests for support via PM will be ignored

User avatar
HiFiKabin
Community Team Member
Community Team Member
Posts: 3328
Joined: Wed May 14, 2014 9:10 am
Location: Swearing at the PC, UK
Name: James
Contact:

Re: Spam via Contact Us page

Post by HiFiKabin » Sun Feb 11, 2018 1:46 pm

NicoBlog wrote:
Sun Feb 11, 2018 1:32 pm
HiFiKabin wrote:
Sun Feb 11, 2018 10:30 am
NicoBlog wrote:
Sat Feb 10, 2018 11:44 pm
Excuse me but the solution should be an update that adds google's re-captcha to the form, not to install an extension that doesn't even do it.
This extension does not need any CAPTCHA to prevent spambots signing up, which is why it does not include one. Rich's extension handles the same problem in a different way.

Choice is always good :mrgreen:
Not compatible with 3.2.
Sorry i use 3.2 i got to this thread trough google search.
The 3.2.x version is currently awaiting validation and is available from my extension website (link below)

Locked

Return to “[3.1.x] Support Forum”

Who is online

Users browsing this forum: FlaSerIC and 23 guests