Subject: E-mail spam fix?

Posted on: 27/06/05 05:14pm
By: Anonymous

I just realized that anyone can use GL to send spam to its members as visitors do not need to be logged in to use the internal GL e-mail system. I have anonymous submission and comments set to "1" meaning that members must be logged in yet this little exploit will still work. A small script that counts uid's could be used to automatically send spam to all members. :/ Is there a work-around?

E-mail spam fix?

Posted on: 27/06/05 05:29pm
By: Dirk

Of course you can do that - it's a contact form after all ...

And there's an option to disable that for anonymous users (in your config.php). See this thread.

bye, Dirk

E-mail spam fix?

Posted on: 27/06/05 10:46pm
By: vinny

There is also a "speedlimit" on the email members function to prevent (or at least slow down) spammers. In any case, as Dirk suggested you should disable anonymous access to the feature.


Geeklog - Forum