SMF Development > Fixed or Bogus Bugs

Possible spam vulnerability with 2.0 RC5

<< < (2/3) > >>

Illori:
you can also turn off email addresses visible to guests in the admin panel
admin -> security and moderation uncheck allow viewable email addresses and check do not reveal contact details of members to guests

Illori:
is this still an issue?

emanuele:

--- Quote from: Aleksi "Lex" Kilpinen on May 25, 2011, 05:59:37 AM ---The actual E-mail a member function of SMF 2.0 would sound like the cause -
The url "'http://ourwebsite/forum/index.php?action=emailuser;sa=email'" is exactly for that function.

--- End quote ---
You are indeed right!

But maybe we should put a captcha there too...for guests of course.

Aleksi "Lex" Kilpinen:
That would be logical, if it can be allowed for guests, then at least make sure guests need some verification.

live627:
Or even for members if under a certain post count?

Navigation

[0] Message Index

[#] Next page

[*] Previous page