Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Site shut down due to excessive emails being sent


lildog

Recommended Posts

I help a lady with her site and most of the time I do not hear a peep from her and her shop just keeps running. Today I got an email saying her site was suspended due to excessive emails being sent... To be honest it has been a while since I did any work on her osCommerce cart and have absolutely no idea where to start. Are there some common places to look for this problem? What should I be loooking for? Any help is greatly appreciated. Is there a way to find out what file is generating these emails?

 

Thank you,

Todd

Link to comment
Share on other sites

@@lildog

 

The 'tell a friend' module is a commonly exploited function for sending out emails from unsuspecting osCommerce sites. Disable the module to see if that corrects the problem..

 

 

 

 

Chris

Link to comment
Share on other sites

@@lildog It's a common problem nowadays. As Chris menioned, the tell a friend is usually at fault but the spammers have scripts that can use any form on the site so the contact us and create account are also pssibilities. The host can say for sure where the emails were sent for. The way to stop it is to install the google recaptcha package.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

@@lildog

 

Personally I think any recaptcha is for the birds - I've hated every single one I've ever tried to decipher.

 

And I'm sure teams of spammers all over the globe are furiously working on image recognition software so they can break them.

 

You could try something like this, a "challenge question" instead. A text entry as an answer to a question as an anti-robot measure.

 

The code at that link isn't for "Tell A Friend" module, but you're a bright guy I'm sure you can figure it out.

 

Just something to consider.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Personally I think any recaptcha is for the birds - I've hated every single one I've ever tried to decipher.

Yes, to crank up their "difficulty" level high enough to stop bots results in a puzzle almost no human can solve. In other words, CAPTCHA (including reCAPTCHA) now keeps out the people and lets in the bots!

 

And I'm sure teams of spammers all over the globe are furiously working on image recognition software so they can break them.

You're about a year or so behind in your prediction. CAPTCHA has long been broken. Time to move on to other methods.

Link to comment
Share on other sites

I disagree. The captcha code isn't meant as a stop-all but it works quite well. We have had many problems with the sites of our hosting members sending out thousands of emails per account before installing recaptcha. After installing - not one problem. This has also been the case where people have contacted me saying their host suspended their sites for too many emails. After the installation - no more problems with suspension for that reason. It wouldn't surprise me to learn there are scripts out there that allow hackers to get by captcha systems. But, if there are, it is not wide-spread as of yet, in my experience, since this method works each and every time.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

By far the most common exploit of this module is caused by the store owners themselves.

 

In an effort to boost sales, the ignorant go into the admin and set "Allow Guest to Tell a Friend" to TRUE.

 

Little do they realize that without a "recaptcha" or "challenge question" or some other measure to deter SPAMBOTS this turns the module into a SPAM engine just waiting for some wandering robot to start it up.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

On v2.3.x

 

I've assumed this thread was about a v2.2x shop.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...