Contact Form and spam
Auteur : George G.
Visité 1132,
Followers 1,
Partagé 0
Hello,
I use a contact form on www.bcimport.com , defined mandatory fields , somehow I started to get spam where mandatory fields are empty . Please see attached file.
Posté le
Auteur
just recived it again , please see attached
How is this supposed to work on a WebSite X5 website?
The contact form prevents sending if all mandatory fields are not filled out.
I once tried to send a test email without mandatory fields by deactivating Javascript - did the test email arrive?
When I tried to send an email using the contact form on my own website without required fields and without Javascript, no email arrived in my inbox.
If the moderators and other users don't have an explanation for this, then think about computer hackers.
Auteur
correct , i tested on my site and i have to enter all mandatory fields , but i recived email "spam" without email address etc. this is my question why i recive it . you can see example of the email i recived , attached it
Look at the email data and see who sent the email.
My email source data from WebSite X5, see
--------------
...
X-Mailer: WebSiteX5 Mailer
...
--------------
Auteur
not sure how to check it. looks like I sender
Received: from p3nlsmtpcp01-04.prod.phx3.secureserver.net (p3nlsmtpcp01-04.prod.phx3.secureserver.net. [184.168.200.145]) by mx.google.com with ESMTPS id v15-20020a63f84f000000b00578b9fb24f3si6395605pgj.633.2023.10.07.11.26.06 for <***> (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sat, 07 Oct 2023 11:26:06 -0700 (PDT)Received: from 1.51.109.208.host.secureserver.net ([208.109.29.197]) by : HOSTING RELAY : with ESMTP id pBz7qvGR4PElOpBz7qGPd0; Sat, 07 Oct 2023 11:25:05 -0700Received: from d07463k72vkm by p3plzcpnl446376.prod.phx3.secureserver.net with local (Exim 4.95) (envelope-from <***>) id 1qpBz2-000CX0-KE for ***; Sat, 07 Oct 2023 11:25:05 -0700Received: by 2002:a98:d698:0:b0:1dc:3805:a4d with SMTP id j24csp1138736eik; Sat, 7 Oct 2023 11:26:06 -0700 (PDT)From: <***>To: <***>Subject: Pre-Order FormDate: Sat, 7 Oct 2023 11:25:00 -0700Message-ID: <***>MIME-Version: 1.0Content-Type: multipart/alternative; boundary="----=_NextPart_000_01DA_01D9F91D.01239FE0"X-Mailer: PHPMailer 6.8.0 (https://github.com/PHPMailer/PHPMailer)X-Google-Smtp-Source: AGHT+IFkFyshF0yA94KZJuEAdWFS8dptGfLaHaAyz01GM7anLmhS/Woyj1lcXY8OIIa/tYxOf4NYX-Received: by 2002:a05:6a20:258d:b0:14d:e075:fc5d with SMTP id k13-20020a056a20258d00b0014de075fc5dmr11887948pzd.40.1696703166621; Sat, 07 Oct 2023 11:26:06 -0700 (PDT)Authentication-Results: mx.google.com; spf=none (google.com: p3plzcpnl446376.prod.phx3.secureserver.net does not designate permitted sender hosts) smtp.mailfrom=***X-PHP-Script: www.bcimport.com/imemail/imEmailForm.php for 102.132.55.242X-AntiAbuse: Originator/Caller UID/GID - [4139399 493] / [47 12]X-AntiAbuse: Sender Address Domain - p3plzcpnl446376.prod.phx3.secureserver.netX-AntiAbuse: This header was added to track abuse, please include it with any abuse reportX-AntiAbuse: Primary Hostname - p3plzcpnl446376.prod.phx3.secureserver.netX-AntiAbuse: Original Domain - bcimport.comX-Source: X-Source-Args: X-Source-Dir: bcimport.com:/public_html/imemailX-CMAE-Envelope: MS4xfGDOSM0HftWQV7X70vonXChTWE8fEeKvqFQMBCsavjMeY6Ys5/Ha+2epgveWzhP76ZHCbvl8ieeQkBOSRPf/7bpPx34X7ZX6BxW02azssmz36rQPGPgS /jbvpEQ/kXFuM+dkslzQXy6cOTtXejyWAAg9HcxqDQKHwFMwuv4I/pibhGhh8cdPeJf3Jf6yaJL6VF9shcBHNiFDQJtrWovhasVzIL0OPOPwiiLkOkelUtUZ 95EUJ/GgPUosRcsaoFVtfqeKi+KleJ+LLW8l1xSlaWc=X-CMAE-Analysis: v=2.4 cv=Lu1UiFRc c=1 sm=1 tr=0 ts=6521a281 a=g5LoElPmNSr/5YvQWl575Q==:117 a=9+rZDBEiDlHhcck0kWbJtElFXBc=:19 a=gQX1269ULFhLm4Thdby34LUHVW0=:19 a=s-OpnFVU5ZwA:10 a=bhdUkHdE2iEA:10 a=-RIbooJhKqIJ1ZW3q88A:9 a=CjuIK1q_8ugA:10 a=fMW43-iuAAAA:8 a=3A0EZa0jAAAA:8 a=EZtmQQ7Z_Q-7lC6VEbIA:9 a=6E1xvfHL9LYlYox3:21 a=_W_S_7VecoQA:10 a=KQfRc-HUBziL8MdbFjS7:22 a=cSr838TJuDf7tnkDJ9_2:22 a=ZW2NNh2aYziXGU3T3RmG:22 a=zALZfkenC-pMgxhVixwC:22X-SECURESERVER-ACCT: d07463k72vkmX-PHP-Filename: /home/d07463k72vkm/public_html/imemail/imEmailForm.php REMOTE_ADDR: 102.132.55.242X-Get-Message-Sender-Via: p3plzcpnl446376.prod.phx3.secureserver.net: authenticated_id: d07463k72vkm/from_hX-Authenticated-Sender: p3plzcpnl446376.prod.phx3.secureserver.net: ***Thread-Index: AQGKYcS2J1mNPtpYNehRzK08z5Bx8A==
The mail experts would have to analyze it more closely.
I found this part:
X-Mailer: PHPMailer 6.8.0 (https://github.com/PHPMailer/PHPMailer)
The difference might be that I'm using the "Standard Script" instead of the "PHP Mailer (recommended)".
So wait for the moderators or the Incomedia employees.
Hello George
Did you enable the Recaptcha v2 on your forms from the software or not?
If not, could you try enabling that and see if the situation persists?
I remain available here
Stefano
Auteur
Hello Stefano, the "check word" is enabled , please see picture describe the issue. Please note the email i recived doesn't included mandatory fields , like email address. you can see it on picture. I did try to use different options from PHP Meller , but i have other issues with it.
... In fact it's so ...
.
Hello George
I would recommend, in this case, using the Recaptcha v2 from Google instead of our integrated captcha system.
It is more reliable in case of severe spamming situations such as this. Can you please try and enable that?
I remain available here
Stefano
Auteur
Hello, google Recaptcha v2 is enabled now , I will let you know if it help tomorrow. Thank you for the support.
Auteur
Looks better now , I recived just one empty email in 24h . Thank you.
Auteur
Sorry , started to recive empty forms again, google Recaptcha v2 is enabled. Please advise
Hello George
If the spam is still happening, you might be a target of a more advanced bot Spam. I would advise moving the contact form to another page for the moment. Change the page and its name and see if the spam continues this way.
This is usually enough to stop the spam from happening
I remain available here
Stefano
Auteur
Hi Stefano,
I found the issue , looks like was conflict with my old version of the site and new one . After deleted all files from the server I dont have spam 2 days.
Thank you for your support.