Welcome to Geeklog, Anonymous Thursday, March 28 2024 @ 09:19 pm EDT

Geeklog Forums

E-mail spam fix?


Billy Gene

Anonymous
Doh! - that was a mistake I just realized that anyone can use GL to send spam to its members as visitors do not need to be logged in to use the internal GL e-mail system. I have anonymous submission and comments set to "1" meaning that members must be logged in yet this little exploit will still work. A small script that counts uid's could be used to automatically send spam to all members. :/ Is there a work-around?

 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Of course you can do that - it's a contact form after all ...

And there's an option to disable that for anonymous users (in your config.php). See this thread.

bye, Dirk
 Quote

Status: offline

vinny

Site Admin
Admin
Registered: 06/24/02
Posts: 352
Location:Colorado, USA
There is also a "speedlimit" on the email members function to prevent (or at least slow down) spammers. In any case, as Dirk suggested you should disable anonymous access to the feature.

-Vinny
 Quote

All times are EDT. The time is now 09:19 pm.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content