Posted on: 2005/12/14 16:00
SPAM Using XOOPS scripts?
Hey guys, it's been a while since I have checked in but, I was wondering if anyone has a clue as to what might be happening with my site?
To start, I have been receiving THOUSANDS of SPAM emails over the past few months with my domain as the sender (firstname.lastname@example.org
). At first, I just thought that a spammer was using a know good domain name to send spam with my domain name attached.
Then I wondered. What if they were using one of the mailxxx.php forms in XOOPS? So, I renamed the modules/system/admin/mailusers dir to something else and the spams seemed to have stopped (for now).
Could someone be using some kind of injection technique to use these forms for sending SPAM? If so, is there a fix? I read in another post that someone suggested using logs to get IP's and add those to a .htaccess file. I have noticed hundreds of addresses so that might be fruitless to keep up with.
Wakeboarding, it's a lifestyle.