Plug-in: zem_contact_reborn

thebombsite · 2006-03-18 11:45:50

Don’t tell everyone your secrets! ;)

Version .17 is the latest “public” release but we are already into .18 at our end which is what I was referring to. You should have a quick read of this post to see where we are going and what will be “missing”. I need to get a few things done then I shall bundle it up and email it over.

-P- · 2006-03-18 14:23:20

Yes, read the post and agree 100%

Whistles and bells are nice to have but main thing is security.

thebombsite · 2006-03-18 15:10:47

Good. I currently have version .18 sitting on my test site at the moment. I have it set to copysender=“yes” so if you do send an email you should get a copy and I’ve added some drop-down “select” boxes which are “required” so you can test it out by simply hitting the “Send” button without entering anything and watching the results. Try selecting one of the boxes and leaving the other two and see what happens and how it retains the selection you have made. Once you’ve done that try “refreshing” and see how the error message changes. And don’t sit there doing nothing for too long either. ;)

Oh, and that “Send” is a button element not an input element.

Last edited by thebombsite (2006-03-20 21:57:01)

1beb · 2006-03-20 21:48:30

Spam Attempts?

I am receiving the following from my contact form:

Email 1 =================================

Name: iv2376@bertelsen.ca

Email: iv2376@bertelsen.ca

Message: iv2376@bertelsen.ca

Email 2 ===================================

Name: inclosure6901@bertelsen.ca

Email: inclosure6901@bertelsen.ca

Message: approbation
Content-Type: multipart/alternative; boundary=02d369f25bf273fba8691621f8b042fb
MIME-Version: 1.0
Subject: is thrainin f r th autumn plumbin jimkanny. itchigan
bcc: hollowiog1503@aol.com

This is a multi-part message in MIME format.

—02d369f25bf273fba8691621f8b042fb
Content-Type: text/plain; charset=“us-ascii”
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit

be a eet. o, sir. etther death. m goin to begin a war f r freedom. m goin to
sthrike th shackles fr m a slave an m him. m goin to organize a rig mint iv
ough iders an whin stand on th top iv an
—02d369f25bf273fba8691621f8b042fb—

.

Email 3 ======================================

Name: leaning827@bertelsen.ca

Email: leaning827@bertelsen.ca

Message: leaning827@bertelsen.ca

Email 4 ================================

Name: they
Content-Type: multipart/alternative; boundary=6857d61b720678bc331c5831d14449bc
MIME-Version: 1

Email: she4210@bertelsen.ca

Message: she4210@bertelsen.ca

=================================================

Those are the bodies of the messages, the subject lines for all three are exactly what you would expect “Site Name > Inquiry”

Any thought on what this could be? To me, it looks like someone is attempting to run some spam through the system. Hopefully, by posting these it might give someone a little more insight as to how to stop spammers.

Thanks,

thebombsite · 2006-03-20 21:59:20

Thanks for that Brandon. What version are you on and are you running the pap_contact_cleaner add-on?

Last edited by thebombsite (2006-03-20 21:59:37)

1beb · 2006-03-21 03:01:40

Running:

Txp 4.0.2
zem_contact_reborn 4.0.3.16
zem_contact_lang 4.0.3.02

tranquillo · 2006-03-21 11:16:47

@-P-:
With modsecurity it is possible to scan the POST or GET body for bcc:, cc:, or to: and reject any request that contains those letters.
This may be causing the problems with bcc (copysender).

Last edited by tranquillo (2006-03-21 11:19:59)

thebombsite · 2006-03-21 19:46:07

@Brandon – OK and are you running the pap_contact_cleaner add-on as well?

1beb · 2006-03-21 20:11:06

No, no I am not. I was just interested to know wether or not this was a spam attempt. If so, did it work?

-P- · 2006-03-21 20:17:17

@ tranquillo

Sorry, don´t understand? Is there something I can do or is this due to my server settings?

thebombsite · 2006-03-21 20:57:23

@Brandon – Well example2 is showing a “bcc” so do you have the copysender=“yes” attribute in your form?

@ P It is your server settings, specifically “modsecurity”. You could contact your host and ask them if they are blocking “bcc” fields. If they are then “copysender” won’t work. They may or may not be willing to change it for you but check with them first to see what they are blocking, if anything. Did you receive your copy from my site?

Last edited by thebombsite (2006-03-21 20:59:12)

-P- · 2006-03-21 22:48:15

Yes, I did receive the senders copy from your test site, Stu :)

If it is my server settings, I believe that it is something that has been changed recently. After that huge spam attack during which those 20.000 or so spam emails were sent using contact forms on my sites, my server host told me that they had increased security by disabling some things. I assume that must be one of them then. Well, guess I just have to live with that setting. But good to know why, thank you.

Feels funny thou, when I set senders copy on, I receive the senders copy but not the actual email. In my logic it should be other away around if there is some bcc prevention. But then again, it´s my logic.

Textpattern CMS

Textpattern CMS support forum

#361 2006-03-18 11:45:50

Re: Plug-in: zem_contact_reborn

#362 2006-03-18 14:23:20

Re: Plug-in: zem_contact_reborn

#363 2006-03-18 15:10:47

Re: Plug-in: zem_contact_reborn

#364 2006-03-20 21:48:30

Re: Plug-in: zem_contact_reborn

#365 2006-03-20 21:59:20

Re: Plug-in: zem_contact_reborn

#366 2006-03-21 03:01:40

Re: Plug-in: zem_contact_reborn

#367 2006-03-21 11:16:47

Re: Plug-in: zem_contact_reborn

#368 2006-03-21 19:46:07

Re: Plug-in: zem_contact_reborn

#369 2006-03-21 20:11:06

Re: Plug-in: zem_contact_reborn

#370 2006-03-21 20:17:17

Re: Plug-in: zem_contact_reborn

#371 2006-03-21 20:57:23

Re: Plug-in: zem_contact_reborn

#372 2006-03-21 22:48:15

Re: Plug-in: zem_contact_reborn

Board footer