Jump to content

Archived

This topic is now archived and is closed to further replies.

lildog

Site shut down due to excessive emails being sent

Recommended Posts

I help a lady with her site and most of the time I do not hear a peep from her and her shop just keeps running. Today I got an email saying her site was suspended due to excessive emails being sent... To be honest it has been a while since I did any work on her osCommerce cart and have absolutely no idea where to start. Are there some common places to look for this problem? What should I be loooking for? Any help is greatly appreciated. Is there a way to find out what file is generating these emails?

 

Thank you,

Todd

Share this post


Link to post
Share on other sites

Certainly hacked...we haven't done anything to this site for months, other than add products.

Share this post


Link to post
Share on other sites

Check the files... You should be able to easily see if there's been edits based on the last modified date.

 

If there have been any changes you know your in "deep".

 

Good luck.

Share this post


Link to post
Share on other sites

@@lildog

 

The 'tell a friend' module is a commonly exploited function for sending out emails from unsuspecting osCommerce sites. Disable the module to see if that corrects the problem..

 

 

 

 

Chris


:|: Was this post helpful ? Click the LIKE THIS button :|:

 

See my Profile to learn more about add ons, templates, support plans and custom coding (click here)

Share this post


Link to post
Share on other sites

@@lildog It's a common problem nowadays. As Chris menioned, the tell a friend is usually at fault but the spammers have scripts that can use any form on the site so the contact us and create account are also pssibilities. The host can say for sure where the emails were sent for. The way to stop it is to install the google recaptcha package.

Share this post


Link to post
Share on other sites

@@lildog

 

Personally I think any recaptcha is for the birds - I've hated every single one I've ever tried to decipher.

 

And I'm sure teams of spammers all over the globe are furiously working on image recognition software so they can break them.

 

You could try something like this, a "challenge question" instead. A text entry as an answer to a question as an anti-robot measure.

 

The code at that link isn't for "Tell A Friend" module, but you're a bright guy I'm sure you can figure it out.

 

Just something to consider.


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

Personally I think any recaptcha is for the birds - I've hated every single one I've ever tried to decipher.

Yes, to crank up their "difficulty" level high enough to stop bots results in a puzzle almost no human can solve. In other words, CAPTCHA (including reCAPTCHA) now keeps out the people and lets in the bots!

 

And I'm sure teams of spammers all over the globe are furiously working on image recognition software so they can break them.

You're about a year or so behind in your prediction. CAPTCHA has long been broken. Time to move on to other methods.

Share this post


Link to post
Share on other sites

I disagree. The captcha code isn't meant as a stop-all but it works quite well. We have had many problems with the sites of our hosting members sending out thousands of emails per account before installing recaptcha. After installing - not one problem. This has also been the case where people have contacted me saying their host suspended their sites for too many emails. After the installation - no more problems with suspension for that reason. It wouldn't surprise me to learn there are scripts out there that allow hackers to get by captcha systems. But, if there are, it is not wide-spread as of yet, in my experience, since this method works each and every time.

Share this post


Link to post
Share on other sites

By far the most common exploit of this module is caused by the store owners themselves.

 

In an effort to boost sales, the ignorant go into the admin and set "Allow Guest to Tell a Friend" to TRUE.

 

Little do they realize that without a "recaptcha" or "challenge question" or some other measure to deter SPAMBOTS this turns the module into a SPAM engine just waiting for some wandering robot to start it up.


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

Just wondering, seeing as Tell a Friend is protected by action recorder, doesn't that stop, or at least slow down, the spam bots a bit?


~ Don't mistake my kindness for weakness ~

Share this post


Link to post
Share on other sites

On v2.3.x

 

I've assumed this thread was about a v2.2x shop.


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

×