Tweet
Today, I got hit with tens of drug spam messages throgh the "Contact us" form. All of it is from [email protected],. IP address of 85.255.117.18. Anyone else getting hit today?
-
Cyburbia Forums - a third place for urban planners
http://www.cyburbia.org/forums -
Do you have the image verification for this turned on? It was added in 3.5.0.Translations provided by Google.
Wayne Luke
The Rabid Badger - a vBulletin Cloud demonstration site.
vBulletin 5 API -
Yes, I do. That's why it seems so strange; who would go thorugh the problem of verifying it just to send spam to one person?
A traceroute for 85.255.117.18 dies somewhere in West Virginia; not India like I'd expect for this type of spam.
BTW, I just got hit with nine more spams from 85.255.117.18.Cyburbia Forums - a third place for urban planners
http://www.cyburbia.org/forumsComment
-
ban the ip at the server level and in vbPlan, Do, Check, Act!Comment
-
Actually DNSStuff.com records shows that this IP belongs to a hosting company in Ukraine. They have an abuse e-mail which you can complain to.
See for details:
You're spending millions of dollars on a website?!
Comment
-
-
I am getting spam through that form from this IP: 84.19.186.155
I've turned the image verification for guests on so see if that helps.
The Spam I get uses the URL-BBcode and links to various subpages of http://[REMOVE]beliy.pbwiki.[REMOVE]comThat's the end of that!Comment
-
Looks like nLayer is one of the primary backbones for this guy too.ManagerJosh, Owner of 4 XenForo Licenses, 1 vBulletin Legacy License, 1 Internet Brands Suite License
Director, WorldSims.org | Gaming Hosting Administrator, SimGames.net, Urban Online EntertainmentComment
-
I was hit by them for a few days.
In the
"Allow Unregistered Users to use 'Contact Us'" setting, make sure you have selected the "Yes, but verify image" option from the drop down.
I only had mine set to "Yes" not realizing there was another option to verify the image as well.
Since applying that setting i haven't received any more spam.
Comment
-
That's the thing - I did have image verification turned on for the contact form. Seems like a LOT of trouble to go through just to spam one person.
As far as board registration goes, I've got most free Russian email providers and Yahoo.* among the banned addresses. Just blocking registration from Yahoo addresses stopped 95% of the spam that was posted.
EDIT: Amazing. My logs are showing a LOT of posts to vBulletin threads and nonexistent forms for other scripts I don't have (Moveable Type seems to be one of them) from 85.255.113.* to 85.255.117.* .Last edited by cyburbia; Sat 10 Jun '06, 10:33am.Cyburbia Forums - a third place for urban planners
http://www.cyburbia.org/forumsComment
-
-
Does the 'contact us' form use the servers sendmail system?
BobComment
-
-
It uses sendmessage.php, which in turn uses the function you selected in your vBulletin Options, either mail() or SMTP.Best Regards
Colin Frei
Please don't contact me per PM.Comment
-
Oh well, I had hoped I could use sendmail's blocking systems to deal with this.
BobComment
Comment