1
rudycash
xDirectory - targeted by scammers!
  • 2005/1/25 19:26

  • rudycash

  • Just popping in

  • Posts: 70

  • Since: 2004/2/12


Help - I use XDirectory on a lot of my sites. Recently I've had a lot of complaints about scammers sending bogus e-mails using the xDirectory e-mail forms that go with the listings.

Can I disable the e-mail function for all the listings? How would I go about this.


2
monde
Re: xDirectory - targeted by scammers!
  • 2005/1/25 19:51

  • monde

  • Friend of XOOPS

  • Posts: 69

  • Since: 2004/11/15


If your email system is an open relay, that's a problem whether you're using xDirectory or not.
I suggest you lock down your email system regardless of whether you figure out how to disable email forms in xDirectory.
Since your system has already been compromised, a smart spammer will be able to get your account information and relay the mail they want through your system.
If you're not hosting your own email, contact your provider and have them set up SMTPAuth for you.

- Sid

3
rudycash
Re: xDirectory - targeted by scammers!
  • 2005/1/25 19:55

  • rudycash

  • Just popping in

  • Posts: 70

  • Since: 2004/2/12


No no no - that is not the problem. The system is not compromised. The scammers are simple going to my site and using the forms on XDirectory to send bogus e-mails. So I do just need to remove the e-mail button from the forms.

I've tried changing the templates but the e-mail button still shows up.

4
hyperpod
Re: xDirectory - targeted by scammers!
  • 2005/1/25 20:03

  • hyperpod

  • Quite a regular

  • Posts: 359

  • Since: 2004/10/4


Rudy,

After changing the module templates, did you do the Admin|modules|update ?

This will update the templates xDirectory is using in the database.

Just changing the HTML files wont do it, you must also UPDATE the module :)

Cheers,

5
rudycash
Re: xDirectory - targeted by scammers!
  • 2005/1/25 20:10

  • rudycash

  • Just popping in

  • Posts: 70

  • Since: 2004/2/12


Yes I did that and updated the module and it didn't work.

I've just done it again and it did!

Thanks

6
hyperpod
Re: xDirectory - targeted by scammers!
  • 2005/1/25 20:11

  • hyperpod

  • Quite a regular

  • Posts: 359

  • Since: 2004/10/4


Ideally, there are two solutions to this that I can think of right now... (neither solutions has been implemented yet with xDir)

1. Add an Image Verification to the send mail function of xDirectory. You know, like the ones you see everywhere these days.

2. Add a hook into the directory which requires the person sending the contact to enter a valid email address, then sends a conformation to their email with a link that will actually send the original inquiry out. This would get rid of any spammers trying to send span to your clients, without leaving a trail.


I know this doesnt help your site right now, but its just some ideas that could solve that nasty problem.


Cheers,

7
rudycash
Re: xDirectory - targeted by scammers!
  • 2005/1/25 20:14

  • rudycash

  • Just popping in

  • Posts: 70

  • Since: 2004/2/12


The problem is the scammers are using a valid e-mail address as they want a reply.

Its a variation of the Nigerian 419 (or is 491) scam.

I've disabled the e-mail button now so I hope they will go away.

Login

Who's Online

210 user(s) are online (144 user(s) are browsing Support Forums)


Members: 0


Guests: 210


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Mar 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits