News:

SMF 2.1.6 has been released! Take it for a spin! Read more.

Main Menu

[Urgent] Someone Spamming from My Site

Started by SwapsRulez, July 13, 2008, 05:04:36 AM

Previous topic - Next topic
Print
Go Down Pages 1 2 All
User actions

青山 素子

#20
August 16, 2008, 02:03:03 PM
Is it via a direct e-mail, or is it using the PM system? (Users will get an e-mail alert of the PM by default, so it could look like a standard e-mail.)
Motoko-chan
Director, Simple Machines

Note: Unless otherwise stated, my posts are not representative of any official position or opinion of Simple Machines.

SwapsRulez

#21
August 16, 2008, 03:14:55 PM
Quote from: Motoko-chan on August 16, 2008, 02:03:03 PM
Is it via a direct e-mail, or is it using the PM system? (Users will get an e-mail alert of the PM by default, so it could look like a standard e-mail.)

They are using Integrated mail system in forum.

Which is generally done by following action.

http://www.project-bb.org/index.php?action=emailuser;sa=email;uid=1
http://www.project-bb.org/index.php?action=emailuser;sa=email;uid=2
http://www.project-bb.org/index.php?action=emailuser;sa=email;uid=3



You can access that thing here just like this

http://www.simplemachines.org/community/index.php?action=emailuser;sa=email;uid=151644 (for sending mail to me)
http://www.simplemachines.org/community/index.php?action=emailuser;sa=email;uid=5345  (for sending mail to you)
Project-BB.org : Educational Forum For Engineering, Diploma & Technical Students

The Engineering, Diploma & All technical students lounge for Free Projects, Seminars, Syllabus, Question Papers, College Assignments, Placement Papers, E-Books, Company Information & other technical stuffs.

ccbtimewiz

#22
August 26, 2008, 07:37:29 PM
Still having this issue?

Display.php is found in the ./Sources directory.

thefley

#23
August 27, 2008, 08:10:20 PM



in 1.1.5 and 2.0 can't you just delete this info for them mail server, that will stop everyone from emailing.  but like they stated before if they already harvested the emails it will be to late.

Feature Configuration

Mail type              (PHP default)     SMTP  

SMTP  server            pop.central.cox.net
SMTP port                 smtp.central.cox.net
SMTP username         USERNAME
SMTP password           Password

www.greatplainsriders.com

Deprecated

#24
August 27, 2008, 09:09:39 PM Last Edit: August 27, 2008, 09:11:13 PM by Deprecated
Swaps, I get incredibly annoyed at people who are doing what they are doing to you. It appears from reading this topic that there is probably a member or ex-member who has a grudge against you, and I hope I can help you regain the upper hand.

As far as I'm concerned, the first thing to do is to stop that vindictive person right now. You said they are using the email user action. Let's just turn off that action for the time being.

First find this line in your index.php:
Code Select
'emailuser' => array('SendTopic.php', 'EmailUser'),


Put two slashes in front of it so that you comment it out. This completely turns off the email user action as you can probably see. Yes I know you want your mods/admins to retain this function but let's do some triage here. The most important thing is to stop this a-hole.

Now I presume you know who it is, but if you don't you should look in your server logs and filter for action=emailuser; and get the IP address he's using. Then put this in your .htaccess file (assuming you have Apache which is the usual case):

Code Select
order allow,deny
deny from 123.45.6
allow from all

This prevents anybody from 123.45.6.* from accessing your forum. The * is implied in an .htaccess file when the fourth octet is omitted. You should substitute the first three octets of the offender's IP address for the example above.

Now I'm not particularly into coding at this late hour for me, 1800 and been online since 0500, but I'll be happy to take another look at your problem tomorrow, and I'm watching this thread to see if I can help you further.

I think with the steps I outlined above, and either should stop him, but with both I think it's almost a sure thing we can prevent any further emails. Then we can look into how we can restore the email action for your mods/admins.

So what do you think? Let's get this mofo and freeze him in his tracks! :)

Deprecated

#25
August 27, 2008, 09:28:19 PM
I forgot to add, test the .htaccess on your own IP address first. Satisfy yourself that it's working. Then put in the offender's IP address.

jctyler

#26
September 04, 2008, 12:06:04 PM Last Edit: September 04, 2008, 12:40:11 PM by jctyler
I don't get it. Why isn't there simply an option to disable emails at all from anybody if the admin wants that?

The only reason for email that I see is during registration to activate the membership. This could possibly be enabled by itself but I would accept that email activation was disabled as a result of general email disabling.

If there is no way to see or use any email, everybody would use PM private messaging. If someone wants to email someone else, she can PM this person and ask for her email. So why is there any need for any email available to anyone at all? It's opening doors to all kinds of abuse and that is one aggro I don't need.

(I've come across this thread because I want to disable all email from my forum; and I will not touch the code as I know nothing about that.)



Deprecated

#27
September 04, 2008, 01:24:16 PM
There isn't any 2.0 configuration setting to turn off the email to members function???

carbonize

#28
October 30, 2008, 07:34:20 AM
As SlammedDime has already said you can simply disable it in permissions. Don't people bother reading the replies?
C a r b o n i z e

CraftyLion

#29
April 02, 2009, 02:37:40 AM
It seems you haven't read the replies either. The suggestion doesn't solve the issue because it doesn't address individual sending of emails [as opposed to forwarding topics] to other people.
Print
Go Up Pages 1 2 All
User actions
Advertisement: