Spam through enquiry


Electroserver


Posted

How do I stop spammers from relaying through my osCommerce installation?

They are sending the relay via bcc, from a spoofed source. I cannot figure out how to stop this!

Here is a copy of the header:

Received: from surgemail02.dentals.info [65.61.206.22] by dpmail24.doteasy.com with ESMTP
    (SMTPD32-8.05) id A97B143100A0; Sat, 06 May 2006 11:22:51 -0700
Received: from dprhensim26.doteasy.com (unverified [65.61.230.1])
    by surgemail02.dentals.info (DEO) with ESMTP id 156330
    for <petsupply%[email protected]>; Sat, 06 May 2006 11:28:43 -0700
Return-Path: <[email protected]>
Received: from valuepetsupply.com (localhost.localdomain [127.0.0.1])
    by dprhensim26.doteasy.com (8.12.10/8.12.10) with ESMTP id k46IOr0J005911
    for <petsupply%[email protected]>; Sat, 6 May 2006 11:24:53 -0700
Received: (from petsupply@localhost)
    by valuepetsupply.com (8.12.10/8.12.10/Submit) id k46IOrqh005909;
    Sat, 6 May 2006 11:24:53 -0700
Date: Sat, 6 May 2006 11:24:53 -0700
Message-Id: <[email protected]>
To: "Frank Nassida" <petsupply%[email protected]>
Subject: Enquiry from Value Pet Supply
From: "[email protected]" <[email protected]>
X-Mailer: osCommerce Mailer
X-Server: High Performance Mail Server - http://surgemail.com r=34189668
X-RCPT-TO: <petsupply%[email protected]>
Status: R
X-UIDL: 393506476
X-Antivirus: AVG for E-mail 7.1.392 [268.5.5/333]
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=iso-8859-1

My host is using surge mail

 

Thanks for any help!

Posted

Have you updated your shop with the latest patches?

 

http://www.oscommerce.com/ext/update-20051113.html

 

If not, that's the first thing to do - contains vital upgrades to protect against spamming & hacking.

 

Terra

My code for combining PayPal IPN with ** QTPro 4.25 ** osC Affiliate ** CCGV(trad)

and how to solve the invoice already paid error

General info: Allow customer to delete order comment ** FTP Programs & Text Editors ** Amending order email **

Posted
Thanks for the info, I wanted to know whether it is needed to change all the codes mentioned on that page.

They wouldn't have released the package if it wasn't :thumbsup:

Posted

Can you please tell me one more thing: in the info boxes there is an image on both sides; where do I find that? I searched all info boxes but couldn't find anything. Just visit www.bhuratea.com, and there near all the boxes you will see a different coloured image other than blue. I want to remove that image.

Posted
Have you updated your shop with the latest patches?

 

http://www.oscommerce.com/ext/update-20051113.html

 

If not, that's the first thing to do - contains vital upgrades to protect against spamming & hacking.

 

Terra

 

Yes, I completely re-installed with the latest osCommerce 2.2-MS2,

 

I have an auto responder, and it fires back the spoofed email address plus the destination email, which is under the bcc:

 

If I could figure out how to block that, I bet they would stop!

Posted
Yes, I completely re-installed with the latest osCommerce 2.2-MS2.

I have an auto responder, and it fires back the spoofed email address plus the destination email, which is under the bcc:

Applying the latest fix should stop the problem as it filters out all malicious code, so that's a surprise. I have never worked with surgemail though (I'm using the SMTP of our own server). I'm also wary of auto-responders as our email system once got locked into auto-responder ping-pong (our auto-responder "talking" with their auto-responder) and have them disabled.

 

One certain fix is to remove the contact form and replace with a simple email. You can javascript protect the email to make sure it is not picked up by spambots like this:

<script type="text/javascript" language=javascript>
<!--
var username = "username";
var hostname = "domain.com";
var linktext = username + "@" + hostname;
document.write("<a href=" + "mail" + "to:" + username +
    "@" + hostname + ">" + linktext + "<\/a>")
//-->
</script>
<!-- js ends -->
<noscript>username at domain.com</noscript>

 

Replace username and domain.com with your own details. And in the noscript part write something which will be visible to people who have javascript disabled. I'm using a simple "at" instead of @ - most users know how to send an email, but you can also tell them to replace "at" with @.

 

Above code is currently installed in language level file on my site - just go to contact_us.php to check how it works with javascript en- or disabled. (PS: my url is shown in personal profile)

 

Not the most elegant solution but will stop any spam relay.

Alternatively - I'm also wondering if the spam is actually successful, as the latest osCom security patches definitely stop the spam injections. If your site is being exploited, then your hosting company should be well aware as they will see a huge surge of emails, plus probably a black-listing by SpamCop. Have you checked your mail logs and/or with your hosting company to see if your shop/mailserver is actually successfully used to send out spam? If not, you might just get the emails with spoofed details of unsuccessful attempts, if that makes sense. With the latest security patches, I really can't see how your site could be abused - the patch pretty much closes all loopholes.

 

Might also be worth double-checking that your shop does indeed include the fix - some mirror sites or control panels do not include the latest version of osCom, so only versions directly downloaded from www.oscommere.org are the updated, safe version.

 

all the best, Terra


  • 1 month later...
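The thread above turns on enquiry-form input reaching the mail headers, where a bcc line can be smuggled in; the check below shows how such input can be rejected before the mailer is called. It is an added example, not osCommerce's patch code and not code from any poster; the function names are hypothetical and the field names name, email and enquiry are assumptions.

```php
<?php
// Added example. Function names are hypothetical, not osCommerce's own;
// the field names (name, email, enquiry) are assumed for the form.

// A value that ends up in a mail header must stay on one line. A CR, LF
// or NUL lets the submitter close the header and open a new one (Bcc:).
function is_single_line(string $value): bool
{
    return preg_match('/[\r\n\0]/', $value) === 0;
}

// Check the submitted fields before anything is handed to the mailer.
// Returns the names of rejected fields; an empty array means "send".
function check_enquiry(array $post): array
{
    $rejected = [];
    $name    = (string)($post['name'] ?? '');
    $email   = (string)($post['email'] ?? '');
    $enquiry = (string)($post['enquiry'] ?? '');
    if ($name === '' || !is_single_line($name)) {
        $rejected[] = 'name';
    }
    // FILTER_VALIDATE_EMAIL accepts exactly one address and no line breaks.
    if (!is_single_line($email) || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $rejected[] = 'email';
    }
    // The enquiry is body text, so line breaks are legitimate there.
    if (trim($enquiry) === '') {
        $rejected[] = 'enquiry';
    }
    return $rejected;
}

// Constructed sample submissions (not taken from the thread).
$samples = [
    'ordinary enquiry' => [
        'name' => 'Pat Example', 'email' => 'pat@example.com',
        'enquiry' => "Do you ship to Canada?\nThanks.",
    ],
    'extra header in email field' => [
        'name' => 'Pat Example',
        'email' => "pat@example.com\r\nBcc: someone@example.net",
        'enquiry' => 'hello',
    ],
];
foreach ($samples as $label => $post) {
    $bad = check_enquiry($post);
    echo $label, ': ', $bad ? 'rejected (' . implode(', ', $bad) . ')' : 'accepted', "\n";
}
```

Rejecting the submission outright, rather than stripping the line breaks and sending anyway, also keeps an auto-responder from replying to the spoofed address.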
Posted
<script type="text/javascript" language=javascript>
<!--
var username = "username";
var hostname = "domain.com";
var linktext = username + "@" + hostname;
document.write("<a href=" + "mail" + "to:" + username +
    "@" + hostname + ">" + linktext + "<\/a>")
//-->
</script>
<!-- js ends -->
<noscript>username at domain.com</noscript>

 

 

Above code is currently installed in language level file on my site -

 

Hi there... I was thinking of doing something like this to lessen the amount of spam I'm getting, just wondering if you can expand on the statement "above code is currently installed in language level file" --> I understand that I could add it everywhere that I wanted to display the email address, but is there somewhere I could set it up, and then just refer to STORE_EMAIL?

 

Hope you understand what I'm trying to ask...

 

Thanks :) ~bobsi18~

Archived

This topic is now archived and is closed to further replies.
