Spam Alert

  • Hi,

    Latest Contact Form version 4.0.45

    Since a few days, I am receiving a lot of e-mails that are spam coming from the contact form on my website. It seems the contact form is used to send the mails to the e-mail address indicated in the form as I am receiving rejected emails sent to this address filled in the form. Of course I also receive the message filled in the form. It goes that I receive one message filled in the form plus the rejected message sent to the e-mail address filled in the form.

    One example of rejected email I am receiving :

    <…[email protected]>: host gmail-smtp-in.l.google.com[74.125.206.26] said:
    550-5.7.1 Unauthenticated email from mail.ru is not accepted due to
    domain’s 550-5.7.1 DMARC policy. Please contact the administrator of
    mail.ru domain if 550-5.7.1 this was a legitimate mail. Please visit
    550-5.7.1 https://support.google.com/mail/answer/2451690 to learn about
    the 550 5.7.1 DMARC initiative. e138si79725901wmf.124 – gsmtp (in reply to
    end of DATA command)

    Final-Recipient: rfc822; …[email protected]
    Action: failed
    Status: 5.7.1
    Remote-MTA: dns; gmail-smtp-in.l.google.com
    Diagnostic-Code: smtp; 550-5.7.1 Unauthenticated email from mail.ru is not
    accepted due to domain’s 550-5.7.1 DMARC policy. Please contact the
    administrator of mail.ru domain if 550-5.7.1 this was a legitimate mail.
    Please visit 550-5.7.1 https://support.google.com/mail/answer/2451690 to
    learn about the 550 5.7.1 DMARC initiative. e138si79725901wmf.124 – gsmtp

    From: MichaelRug [Email Removed]
    To: …[email protected]
    Cc:
    Date: Thu, 5 Jan 2017 01:25:06 +0000
    Subject: Dragon Fly Contact
    To:
    Webmaster

    Name:
    MichaelRug

    Email:
    [Email Removed]

    Message:
    Jak korzystnie pozby? si? starych monet?

    Uda?o Ci si? znale?? star? monet? podczas spaceru? A mo?e
    odziedziczy?e? taki przedmiot po dziadku lub babc……

Viewing 15 replies - 1 through 15 (of 17 total)

  • I have several clients who are getting bombarded with spam also. I had hoped to replace the captcha on the form with a Google recaptcha, but I saw in another thread that’s not possible. I’m hoping there’s another fix for this. I don’t want to use another plugin.

    • This reply was modified 7 years, 10 months ago by topcat.
    Thread Starter oderycke

    (@oderycke)

    It started on previous version of Secure Contact Form. Last update was made yesterday but it did not solve the problem, spam goes on.

    Hi, have you checked the following documentation?

    Thread Starter oderycke

    (@oderycke)

    Hello mbrsolution

    Thanks for the link. I checked it and tried to Enable honeypot spambot trap, plus the Bad Behavior WordPress plugin.

    Let’s see how it goes.

    Best,

    I have the same problem and they are all coming from mail.ru, mail.ea yandex.ru and Yandex.com.

    I have blocked several countries using my firewall and they are still coming through the contact form. Followed your instructions and was still receiving spam.
    I am using Askimet, Spam Assassin on the server and a firewall plus WordFence.

    I never had the issue prior to the most recent update. Used a different contact form and I stopped receiving spam.

    Hi (@seovrjoyd), thank you for reporting back. Which other contact form plugin are you currently using if you don’t mind me asking?

    I have sent a message to the plugin developer to investigate further your findings.

    Regards

    Contact Form 7. They employ Google re-captcha

    I am not a fan of that contact form. Would rather use FS contact form

    Just one question did you also have the following enabled under Security tab?

    Enable Form Post security by requiring domain name match for localhost (recommended).

    @mbrsolution, I can tell you that I personally have that selected, but it hasn’t prevented the issue.

    They are human spammers. No captcha will stop human spammers.

    here is the help page for this
    https://www.fastsecurecontactform.com/receiving-spam-emails

    Also make sure to carefully follow the instructions for mail settings on the Basic settings tab of your form setup.

    Set the “Return-path address” setting to a real email address on the
    SAME domain as your web site. This step really is ALWAYS necessary so
    mail is properly identified as originating from your server

    Also be sure to check this setting box:
    Enable when web host requires “Mail From” strictly tied to site (don’t
    skip this important step!). Click “Save Changes”

    I have that box checked. The majority of the spam is mail.ru, mail.ea, yandex.com and yandex.ru. I am pretty sure they are bots. Most of the spam is coming through the contact form I placed on the sidebar of my site. I changed that form to another plugin that used re-captcha and I have not received any spam in the last day. I am still using FS contact from on my contact pages. I ran several tests.
    The contact form submission seems to go through but when I tested one of the forms on the back end I received the following message:

    The page you are trying to access is restricted due to a security rule.

    If you believe the security rule is affecting the normal operation of your website, contact your host support team and provide detailed instructions how to recreate this error.
    They will be able to assist you with rectifying the problem and adjusting the security configuration if needed.

    Thread Starter oderycke

    (@oderycke)

    @seovrjoyd

    Hello,

    what you are describing is exactly what I have which is the opening of this post. I also read the paper on FS Form to setup the right parameters. The spam slowed down but is not stopped completely. The source is the same mail.ru, mail.ea, yandex.com and yandex.ru and checking the ip address it indeed comes from St Petersburg area.

    The only thing I can do at the moment is to block the ip address where this spam is coning from.

    I stay tuned to see if there is any other solution coming.

    I will look into making a reCaptcha addon plugin. One of the things that always held me back from that is the lack of support for two forms on one page

    • This reply was modified 7 years, 10 months ago by Mike Challis.

    Yeah, I was looking at the developers website and he hasn’t responded to anyone in the support forum for a long time. The Better Wp re-captcha plugin is working on my sites though. For now.

    • This reply was modified 7 years, 10 months ago by seovrjoyd.
Viewing 15 replies - 1 through 15 (of 17 total)
  • The topic ‘Spam Alert’ is closed to new replies.