WebSite X5Help Center

 
George G.
George G.
User

Contact Form and spam  en

Auteur : George G.
Visité 1132, Followers 1, Partagé 0  

Hello, 

I use a contact form on www.bcimport.com , defined mandatory fields , somehow I started to get spam where mandatory fields are empty . Please see attached file.

Posté le
17 RéPONSES - 1 CORRECT
George G.
George G.
User
Auteur

just recived it again , please see attached

Lire plus
Posté le de George G.
Daniel W.
Daniel W.
User

How is this supposed to work on a WebSite X5 website?

The contact form prevents sending if all mandatory fields are not filled out.

I once tried to send a test email without mandatory fields by deactivating Javascript - did the test email arrive?

Lire plus
Posté le de Daniel W.
Daniel W.
Daniel W.
User

When I tried to send an email using the contact form on my own website without required fields and without Javascript, no email arrived in my inbox.

If the moderators and other users don't have an explanation for this, then think about computer hackers.

Lire plus
Posté le de Daniel W.
George G.
George G.
User
Auteur

correct , i tested on my site and i have to enter all mandatory fields , but i recived email "spam" without email address etc. this is my question why i recive it . you can see example of the email i recived , attached it

Lire plus
Posté le de George G.
Daniel W.
Daniel W.
User

Look at the email data and see who sent the email.

My email source data from WebSite X5, see

--------------

...

X-Mailer: WebSiteX5 Mailer

...

--------------

Lire plus
Posté le de Daniel W.
George G.
George G.
User
Auteur

not sure how to check it. looks like I sender 

Received: from p3nlsmtpcp01-04.prod.phx3.secureserver.net (p3nlsmtpcp01-04.prod.phx3.secureserver.net. [184.168.200.145])        by mx.google.com with ESMTPS id v15-20020a63f84f000000b00578b9fb24f3si6395605pgj.633.2023.10.07.11.26.06        for <***>        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);        Sat, 07 Oct 2023 11:26:06 -0700 (PDT)Received: from 1.51.109.208.host.secureserver.net ([208.109.29.197]) by : HOSTING RELAY : with ESMTP id pBz7qvGR4PElOpBz7qGPd0; Sat, 07 Oct 2023 11:25:05 -0700Received: from d07463k72vkm by p3plzcpnl446376.prod.phx3.secureserver.net with local (Exim 4.95) (envelope-from <***>) id 1qpBz2-000CX0-KE for ***; Sat, 07 Oct 2023 11:25:05 -0700Received: by 2002:a98:d698:0:b0:1dc:3805:a4d with SMTP id j24csp1138736eik;        Sat, 7 Oct 2023 11:26:06 -0700 (PDT)From: <***>To: <***>Subject: Pre-Order FormDate: Sat, 7 Oct 2023 11:25:00 -0700Message-ID: <***>MIME-Version: 1.0Content-Type: multipart/alternative; boundary="----=_NextPart_000_01DA_01D9F91D.01239FE0"X-Mailer: PHPMailer 6.8.0 (https://github.com/PHPMailer/PHPMailer)X-Google-Smtp-Source: AGHT+IFkFyshF0yA94KZJuEAdWFS8dptGfLaHaAyz01GM7anLmhS/Woyj1lcXY8OIIa/tYxOf4NYX-Received: by 2002:a05:6a20:258d:b0:14d:e075:fc5d with SMTP id k13-20020a056a20258d00b0014de075fc5dmr11887948pzd.40.1696703166621;        Sat, 07 Oct 2023 11:26:06 -0700 (PDT)Authentication-Results: mx.google.com;       spf=none (google.com: p3plzcpnl446376.prod.phx3.secureserver.net does not designate permitted sender hosts) smtp.mailfrom=***X-PHP-Script: www.bcimport.com/imemail/imEmailForm.php for 102.132.55.242X-AntiAbuse: Originator/Caller UID/GID - [4139399 493] / [47 12]X-AntiAbuse: Sender Address Domain - p3plzcpnl446376.prod.phx3.secureserver.netX-AntiAbuse: This header was added to track abuse, please include it with any abuse reportX-AntiAbuse: Primary Hostname - p3plzcpnl446376.prod.phx3.secureserver.netX-AntiAbuse: Original Domain - bcimport.comX-Source: X-Source-Args: X-Source-Dir: bcimport.com:/public_html/imemailX-CMAE-Envelope: MS4xfGDOSM0HftWQV7X70vonXChTWE8fEeKvqFQMBCsavjMeY6Ys5/Ha+2epgveWzhP76ZHCbvl8ieeQkBOSRPf/7bpPx34X7ZX6BxW02azssmz36rQPGPgS /jbvpEQ/kXFuM+dkslzQXy6cOTtXejyWAAg9HcxqDQKHwFMwuv4I/pibhGhh8cdPeJf3Jf6yaJL6VF9shcBHNiFDQJtrWovhasVzIL0OPOPwiiLkOkelUtUZ 95EUJ/GgPUosRcsaoFVtfqeKi+KleJ+LLW8l1xSlaWc=X-CMAE-Analysis: v=2.4 cv=Lu1UiFRc c=1 sm=1 tr=0 ts=6521a281 a=g5LoElPmNSr/5YvQWl575Q==:117 a=9+rZDBEiDlHhcck0kWbJtElFXBc=:19 a=gQX1269ULFhLm4Thdby34LUHVW0=:19 a=s-OpnFVU5ZwA:10 a=bhdUkHdE2iEA:10 a=-RIbooJhKqIJ1ZW3q88A:9 a=CjuIK1q_8ugA:10 a=fMW43-iuAAAA:8 a=3A0EZa0jAAAA:8 a=EZtmQQ7Z_Q-7lC6VEbIA:9 a=6E1xvfHL9LYlYox3:21 a=_W_S_7VecoQA:10 a=KQfRc-HUBziL8MdbFjS7:22 a=cSr838TJuDf7tnkDJ9_2:22 a=ZW2NNh2aYziXGU3T3RmG:22 a=zALZfkenC-pMgxhVixwC:22X-SECURESERVER-ACCT: d07463k72vkmX-PHP-Filename: /home/d07463k72vkm/public_html/imemail/imEmailForm.php REMOTE_ADDR: 102.132.55.242X-Get-Message-Sender-Via: p3plzcpnl446376.prod.phx3.secureserver.net: authenticated_id: d07463k72vkm/from_hX-Authenticated-Sender: p3plzcpnl446376.prod.phx3.secureserver.net: ***Thread-Index: AQGKYcS2J1mNPtpYNehRzK08z5Bx8A==

Lire plus
Posté le de George G.
Daniel W.
Daniel W.
User

The difference might be that I'm using the "Standard Script" instead of the "PHP Mailer (recommended)".

So wait for the moderators or the Incomedia employees.

Lire plus
Posté le de Daniel W.
Incomedia
Stefano G.
Incomedia

Hello George

Did you enable the Recaptcha v2 on your forms from the software or not?

If not, could you try enabling that and see if the situation persists?

I remain available here

Stefano

Lire plus
Posté le de Stefano G.
George G.
George G.
User
Auteur

Hello Stefano, the "check word" is enabled , please see picture describe the issue. Please note the email i recived doesn't included mandatory fields , like email address. you can see it on picture. I did try to use different options from PHP Meller , but i have other issues with it.

Lire plus
Posté le de George G.
 ‪ KolAsim ‪ ‪
 ‪ KolAsim ‪ ‪
Moderator
Meilleur utilisateur du mois ESMeilleur utilisateur du mois PT
George G.
...  ...  ... looks like I sender  ...  ...  ...  ...   ... 

... In fact it's so ... 

.

Lire plus
Posté le de  ‪ KolAsim ‪ ‪
Incomedia
Stefano G.
Incomedia

Hello George

I would recommend, in this case, using the Recaptcha v2 from Google instead of our integrated captcha system.

It is more reliable in case of severe spamming situations such as this. Can you please try and enable that?

I remain available here

Stefano

Lire plus
Posté le de Stefano G.
George G.
George G.
User
Auteur

Hello, google Recaptcha v2 is enabled now , I will let you know if it help tomorrow. Thank you for the support.

Lire plus
Posté le de George G.
George G.
George G.
User
Auteur

Looks better now , I recived just one empty email in 24h . Thank you.

Lire plus
Posté le de George G.
George G.
George G.
User
Auteur

Sorry , started to recive empty forms again, google Recaptcha v2 is enabled. Please advise

Lire plus
Posté le de George G.
Incomedia
Stefano G.
Incomedia

Hello George

If the spam is still happening, you might be a target of a more advanced bot Spam. I would advise moving the contact form to another page for the moment. Change the page and its name and see if the spam continues this way. 

This is usually enough to stop the spam from happening

I remain available here

Stefano

Lire plus
Posté le de Stefano G.
George G.
George G.
User
Auteur

Hi Stefano,

I found the issue , looks like was conflict with my old version of the site and new one . After deleted all files from the server I dont have spam 2 days.

Thank you for your support. 

Lire plus
Posté le de George G.