Send Topic Spam

Started by Sledgie, January 28, 2010, 04:48:28 PM

Sledgie

My site has been victimized by a spammer who is using the "send this topic" button at the bottom of posts to send email from my site. They insert their message in the "add a comment" box and send it out. My site has been suspended twice by my host in the last week for abuse of TOS (no spamming). They agreed to lift the suspension so I can try to fix this, but they told me if it happens again I'll have to find a new host.

I thought I had fixed it after the first attack by removing the permission to send this topic for guests, regular members, etc. I even used the "Deny" option. Instead of being a good webmaster and verifying the problem was solved, I went on my merry way only to find my site suspended again a few days later.

After this second time I checked my settings and removed the permission for EVERYONE/ANYONE to send this topic. I logged out and loaded a post and the button was still there! I tested it and sure enough, I received my test spam in my inbox.

How do I remove the button? If I can't remove it, how do I disable email? I changed the server setting to SMTP but the email still gets sent. I'm stumped and my site is sitting in maintenance mode until I figure this out. I don't want to get canned by my host.

Forum version: 1.1.11
Theme: default.

Martje

Hmmm. I did not know that suggested solutions in other topics did not solve the problem... this is worrying... I too want to know how to get rid of the "send this topic" altogether. It would surely be something to think about solutions for in the next upgrade/update of SMF.

Thanks for the new info, Sledgie.

aishaweb

Isn't there an option in permissions to prevent sending of messages?

Sledgie

Quote from: aishaweb on January 28, 2010, 05:23:07 PM
Isn't there an option in permissions to prevent sending of messages?

All permissions to send topic have been removed. Where possible, it's even been denied. Yet even guests can still use the button.

Jade Elizabeth

Would you mind sending me a PM with an admin account? I can check the permissions for you and I'll check your error log too. This really shouldn't be happening!

:)
Once proud Documentation Writer and Help Squad Leader | Check out my new adult coloring career: Color With Jade/Patreon.

EL34xyz

I am subscribing to this topic
I would like to know if there is a way to remove the "Send this topic" button?

Jade Elizabeth

It should be removed when the permission is denied.

kat

Read/write-protect SendTopic.php in the "Sources" directory.


Crude, but efficient. ;)

Jade Elizabeth

Quote from: Kat on January 29, 2010, 12:43:09 PM
Read/write-protect SendTopic.php in the "Sources" directory.


Crude, but efficient. ;)

That's going to cause errors. Come on Kat, we fix forums not break them :).


I don't have a test install of 1.x.....can someone please give me a way to check this? EL34xyz you have the issue too, would you mind PMing me an admin account to check?

aishaweb

Quote from: Jade Elizabeth on January 29, 2010, 01:07:30 PM
Quote from: Kat on January 29, 2010, 12:43:09 PM
Read/write-protect SendTopic.php in the "Sources" directory.


Crude, but efficient. ;)

That's going to cause errors. Come on Kat, we fix forums not break them :) .


I don't have a test install of 1.x.....can someone please give me a way to check this? EL34xyz you have the issue too, would you mind PMing me an admin account to check?

2 secs

EL34xyz

No, sorry, I don't have the issue.

Wasn't sure if this was an issue that needed fixing or not
Just following the topic

kat

Quote from: Jade Elizabeth on January 29, 2010, 01:07:30 PM
That's going to cause errors.


Only in the log, surely?


If nothing else works, a quick edit of display.template (Is it?) to remove the option should be easy enough, ay?

Mick.

Can it be mod related?

I'm using RC2 and logged out and read a few of my threads. I didn't see the "send topic" option. Only the "print" button.

Yes, I also have the "send topic" option turned off.

kat

A link to your site might be useful, Sledgie...

Jade Elizabeth

It's definitely mod related. It's not even accessible by URL if the right permissions are checked.


Out of curiosity, I wonder if the post groups are affected....like if you have it enabled for people with 0 posts. I can't be bothered testing that.


Sledgie, if you could give me a list of your mods, and any errors from your log that would be great. If you fear trusting me with admin I'm sure Kat will vouch for me that I'm an SMF Friend. I just asked for the Friends badge to be removed. I used to be a Documentation Writer, and I did a lot of support and stuff too :).

Thank you Aishaweb for the test install to check this on!!

kat

* Kat vouches for Lizzy.

PHWOAR! ;)

aishaweb

Quote from: Jade Elizabeth on January 29, 2010, 01:55:01 PM


Thank you Aishaweb for the test install to check this on!!

I'll leave it up if you wanna test mods on it.

pmh

Sledgie and all,

I had the same exact problem happen to me - My site has been victimized by a spammer who is using the "send this topic" button at the bottom of posts to send email from my site. The first time the incident happened I couldn't figure out exactly what happened (neither could my ISP) so they lifted my ban. One week later, the spammer sent email out again using the "send this topic" button (well, at least I think this is what happened). My ISP was not so nice the second time around. They suspended my website and told me if it happened again, they would ask me to find another service provider.

I went in to the admin panel and removed a few features from the members-->permissions--> "modify" regular members, and removed "Send personal messages", "Send topics to friends", "Send a forum email to members".

Since I'm still not confident that these actions will stop the spammers, I even deleted the email account associated with the forum and deactivated new membership until I can figure out what is going on.

I don't see the buttons anymore on my forum (e.g. send this topic) like Sledgie does, but I'm still not confident that the actions I've taken will completely resolve the problem. If this happens again, my ISP will ban me, even though I've been with them for 5 years with no prior convictions.


Help! I would expect others will experience the same problems in the coming weeks.

Forum version: 1.1.11
Theme: default.

Tyrsson

I am checking into this now. Will post back shortly.
PM at your own risk, some I answer, if they are interesting, some I ignore.

Tyrsson

Well, to track this down we need to know the answers to a few questions.

1.) Do you have the forum set to allow guests to browse the forum?

2.) If the answer to 1) is yes then check this permission for question: Send topics to friends (make sure this is not checked).

3.) Is this spam coming from users for which no permission is granted to allow the sending of topics?

4.) If this is coming from a registered user that is denied this permission please PM the login details for an admin account to me so that I can check this.