lildog Posted April 21, 2013 Share Posted April 21, 2013 I help a lady with her site and most of the time I do not hear a peep from her and her shop just keeps running. Today I got an email saying her site was suspended due to excessive emails being sent... To be honest it has been a while since I did any work on her osCommerce cart and have absolutely no idea where to start. Are there some common places to look for this problem? What should I be loooking for? Any help is greatly appreciated. Is there a way to find out what file is generating these emails? Thank you, Todd Link to comment Share on other sites More sharing options...
greasemonkey Posted April 21, 2013 Share Posted April 21, 2013 Sounds like it may have been hacked? I'm no expert - maybe visit the security forum. Link to comment Share on other sites More sharing options...
lildog Posted April 21, 2013 Author Share Posted April 21, 2013 Certainly hacked...we haven't done anything to this site for months, other than add products. Link to comment Share on other sites More sharing options...
greasemonkey Posted April 21, 2013 Share Posted April 21, 2013 Check the files... You should be able to easily see if there's been edits based on the last modified date. If there have been any changes you know your in "deep". Good luck. Link to comment Share on other sites More sharing options...
Guest Posted April 21, 2013 Share Posted April 21, 2013 @@lildog The 'tell a friend' module is a commonly exploited function for sending out emails from unsuspecting osCommerce sites. Disable the module to see if that corrects the problem.. Chris Link to comment Share on other sites More sharing options...
Jack_mcs Posted April 21, 2013 Share Posted April 21, 2013 @@lildog It's a common problem nowadays. As Chris menioned, the tell a friend is usually at fault but the spammers have scripts that can use any form on the site so the contact us and create account are also pssibilities. The host can say for sure where the emails were sent for. The way to stop it is to install the google recaptcha package. Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
germ Posted April 22, 2013 Share Posted April 22, 2013 @@lildog Personally I think any recaptcha is for the birds - I've hated every single one I've ever tried to decipher. And I'm sure teams of spammers all over the globe are furiously working on image recognition software so they can break them. You could try something like this, a "challenge question" instead. A text entry as an answer to a question as an anti-robot measure. The code at that link isn't for "Tell A Friend" module, but you're a bright guy I'm sure you can figure it out. Just something to consider. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
MrPhil Posted April 22, 2013 Share Posted April 22, 2013 Personally I think any recaptcha is for the birds - I've hated every single one I've ever tried to decipher. Yes, to crank up their "difficulty" level high enough to stop bots results in a puzzle almost no human can solve. In other words, CAPTCHA (including reCAPTCHA) now keeps out the people and lets in the bots! And I'm sure teams of spammers all over the globe are furiously working on image recognition software so they can break them. You're about a year or so behind in your prediction. CAPTCHA has long been broken. Time to move on to other methods. Link to comment Share on other sites More sharing options...
Jack_mcs Posted April 22, 2013 Share Posted April 22, 2013 I disagree. The captcha code isn't meant as a stop-all but it works quite well. We have had many problems with the sites of our hosting members sending out thousands of emails per account before installing recaptcha. After installing - not one problem. This has also been the case where people have contacted me saying their host suspended their sites for too many emails. After the installation - no more problems with suspension for that reason. It wouldn't surprise me to learn there are scripts out there that allow hackers to get by captcha systems. But, if there are, it is not wide-spread as of yet, in my experience, since this method works each and every time. Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
germ Posted April 23, 2013 Share Posted April 23, 2013 By far the most common exploit of this module is caused by the store owners themselves. In an effort to boost sales, the ignorant go into the admin and set "Allow Guest to Tell a Friend" to TRUE. Little do they realize that without a "recaptcha" or "challenge question" or some other measure to deter SPAMBOTS this turns the module into a SPAM engine just waiting for some wandering robot to start it up. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
♥Biancoblu Posted April 24, 2013 Share Posted April 24, 2013 Just wondering, seeing as Tell a Friend is protected by action recorder, doesn't that stop, or at least slow down, the spam bots a bit? ~ Don't mistake my kindness for weakness ~ Link to comment Share on other sites More sharing options...
germ Posted April 24, 2013 Share Posted April 24, 2013 On v2.3.x I've assumed this thread was about a v2.2x shop. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
♥Biancoblu Posted April 24, 2013 Share Posted April 24, 2013 @@germ oh right, got it, my mistake :blush: ~ Don't mistake my kindness for weakness ~ Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.