Go to main content

Textpattern CMS support forum

You are not logged in. Register | Login | Help

#1 2006-07-28 18:29:25

Plugin Author
From: Bakersfield, Ca
Registered: 2006-01-04
Posts: 21

Re: Text Pattern forum compromized? [ed: no]

I just got one too…

I hate spammers.


#2 2006-07-28 18:46:52

New Member
Registered: 2006-04-14
Posts: 3

Re: Text Pattern forum compromized? [ed: no]

LOL i got one of those too :P


#3 2006-07-28 20:27:50

From: Leeds, UK
Registered: 2006-01-29
Posts: 11,293
Website GitHub

Re: Text Pattern forum compromized? [ed: no]

Same here. What’s somewhat bizarre is that with our e-mail addresses set to private, someone’s gone to the trouble of registering an account to send this crap to, let’s face it, a bunch of cool techno geeks, hackers and web designers who have likely seen it all before.

Whoever the purported jacobdavid40@yahoo.com is, they didn’t really think it through did they?

Doughnut :-)

The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp


#4 2006-07-28 21:38:46

From: England
Registered: 2006-01-27
Posts: 539

Re: Text Pattern forum compromized? [ed: no]

If that’s the case it’s very strange that they picked me. I’m not the most active person here, preferring to lurk and soak up the knowledge and just post occasionally. I bet most of my posts are on pages 2 or 3 of the various forum sections by now.

I hate spammers. For some reason I’ve noticed a sudden increase both at home and work of the amount of spam I get these days.


#5 2006-07-28 22:47:24

Developer Emeritus
From: Melbourne, Australia
Registered: 2004-04-08
Posts: 2,579

Re: Text Pattern forum compromized? [ed: no]

Can someone please email me a copy of a message with full headers?



#6 2006-07-28 23:02:16

Developer Emeritus
From: Melbourne, Australia
Registered: 2004-04-08
Posts: 2,579

Re: Text Pattern forum compromized? [ed: no]

At this point it doesn’t look like a security breach. Someone created a regular forum account, logged in, and used the form email to manually send spam messages to some users (the send email link that appears to the left of each post).

You can select whether or not you want to allow form email in your profile (see link at top), under “Privacy”:

[ ] Display your e-mail address.
[ ] Hide your e-mail address but allow form e-mail.
[x] Hide your e-mail address and disallow form e-mail.



#7 2006-07-28 23:36:14

Developer Emeritus
From: Melbourne, Australia
Registered: 2004-04-08
Posts: 2,579

Re: Text Pattern forum compromized? [ed: no]

Update: confirmed. From the mail logs, it appears that no more than about 20 messages were sent. We’ve banned the user in question, and we’re looking at ways of restricting the use of the ‘send mail’ function (e.g. making it unavailable to new signups).



#8 2006-07-29 06:19:41

Sock Enthusiast
Registered: 2004-06-27
Posts: 6,236

Re: Text Pattern forum compromized? [ed: no]

I have set everyone’s email address to fully private. I advise you leave this setting as it is until the coast is clear.


#9 2006-07-29 06:42:27

Sock Enthusiast
Registered: 2004-06-27
Posts: 6,236

Re: Text Pattern forum compromized? [ed: no]

I also want to add: rest assured that your email address remains unknown to the spammer, all he could see was the email form itself.


#10 2006-07-30 11:38:58

From: Haut-Rhin
Registered: 2004-08-04
Posts: 4,909

Re: Text Pattern forum compromized? [ed: no]

The reason you guys were picked is because your usernames all begin with early alphabet letters (a, b, c…). He simply started at the beggining and picked here and there. Much easier than say going all the way to “m” or “s”.


#11 2006-07-30 15:36:20

From: Haut-Rhin
Registered: 2004-08-04
Posts: 4,909

Re: Text Pattern forum compromized? [ed: no]

Speaking of spam, for the first time in nearly two years of using zem_contact original, I’m getting spam through my mail form. Each time it comes from a yahoo.com address and has a meaningless username (different each time). I’m seeing them about once every couple of days. The body is always just a boatload of links to the usual shit: gambling, drugs, sex…

There’s a plugin I’ve seen for comments that looks for the number of links in a submitted comment and then deals with it accordingly, like puts it into moderation or whatever. Is there a way to do that with an email form where the body is scanned for a number of links and then deleted if a certain number is exceeded? Probably not since were talking about email protocols, but it sure would be nice.

By the way, anyone know how to delete an email account from TextDrive using Webmin? I don’t see how it’s done, or if it’s even possible.

Last edited by Destry (2006-07-30 15:38:21)


Board footer

Powered by FluxBB