ISP disabled outbound E-Mail due to spam?

Started by cgallery, July 04, 2019, 03:43:42 PM

Previous topic - Next topic

cgallery

I'm using 2.0.15.  I use CleanTalk to control spammers, been using it for over a year.  Thought it was working pretty well.

Got an E-Mail this morning from my ISP (BlueHost)...

QuoteWe are contacting you today because we have disabled your outbound email services temporarily. The reason for this is because you've got a forum that spammers were subscribing to to get messages sent out. They used a spam trap email address that actually resulted in our mail server getting blacklisted.

We need you to add protection to it so it isn't being exploited in the future. You will need to contact us and let us know this has been resolved for us to restore your email services.

For protection, we ask that you require an account to subscribe to topic notifications if you haven't already. We also ask that you add protection to your sign-up page so that spammers cannot automate it. You can do this by using a captcha or something similar to that.

To activate your account, please visit our BlueHost account reactivation center. Use the link below:

I'm not getting any spam in my forums.  The only thing I can imagine, is that a spammer could use someone else's E-Mail address to sign-up for my forum, causing that person to receive an E-Mail to confirm their address.  And if that someone used a honey pot, then that would be something.

But I don't understand why a spammer would do this, as it would seem they'd not be getting THEIR message through.

I've contacted Bluehost to see if they have a copy of anything that was supposedly sent via my SMF installation.  But it is a holiday in the U.S., so maybe I won't get a quick response or any at all.

Any tips on where I should be looking?

cgallery

Ugh, I'm probably an idiot.  Just going through permissions it looks like "Send topic to friend" was enabled for "Regular Members" (my largest base).

So they could enter whatever E-Mail address they want, and add their own content?

vbgamer45

I would disable that for guests as well.
But, it could also be sure a person that signed up that didn't get caught by cleantalk. Or an old user whose domain expired and was then reregistered as a spamtrap.

I also suggest either of these mods
https://custom.simplemachines.org/mods/index.php?mod=1519
https://custom.simplemachines.org/mods/index.php?mod=1547


I would also ask for as much detail as you can from your host on the listing.
Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro

cgallery

Quote from: vbgamer45 on July 04, 2019, 04:06:16 PM
I would disable that for guests as well.
But, it could also be sure a person that signed up that didn't get caught by cleantalk. Or an old user whose domain expired and was then reregistered as a spamtrap.

I also suggest either of these mods
https://custom.simplemachines.org/mods/index.php?mod=1519
https://custom.simplemachines.org/mods/index.php?mod=1547


I would also ask for as much detail as you can from your host on the listing.

Got it, thank you for your help!

cgallery

A follow-up Q:  Is it possible to change a setting somewhere or add a mod that gives me a better idea of E-Mails being sent?

My forum isn't as big as most of the ones you guys are running, if I see more than a few E-Mails going out a day, I can be very suspicious I've screwed something up somewhere.

vbgamer45

You can setup a mail log in php.ini to see what is sent
Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro

cgallery

Oh crap.

I sent an E-Mail to an outside address, it was delivered.  I went back and looked at the E-Mail, and it is a scam.

The link to click on to reactivate contains "bluehost.com" as a subdomain of another domain.

Sorry.

I've still implemented the suggested changes.

Kindred

Also if you used that link, change your hosting passwords
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

cgallery

Quote from: Kindred on July 04, 2019, 08:10:08 PM
Also if you used that link, change your hosting passwords

Thankfully I didn't.

Advertisement: