Hi,
I am having a problem with spam emails being sent through my website, phoenixcart version 1.0.4.0. I'm wondering if anyone has experience with this and may know a solution or a direction to a solution.
What have I already checked?
- I can't find any anomalous, strange or extra file.
- All folder permissions are 0555
- All file permissions are 0644
- All folder and file dates are from the installation date or the modification date.
- All forms are provided with reCAPTCHA-2 for BS Edge. (check box I'm not a robot)
Who can give me a direction where or with which I can tackle this problem?
P.S. Upgrading to the latest version 1.0.8.14 is taking too much time right now which I don't have right now.
Thanks in advance,
LuckyPiedro
Sending spam emails with verification via phoenixcart version 1.0.4.0
-
- Posts: 8
- Joined: Sun Apr 17, 2022 8:45 am
- Has thanked: 2 times
- Been thanked: 1 time
- Kofod95
- VIP Member
- Posts: 613
- Joined: Sat Feb 06, 2021 7:38 pm
- Has thanked: 80 times
- Been thanked: 142 times
Re: Sending spam emails with verification via phoenixcart version 1.0.4.0
Just to make sure: They are actually sent from your website and not just with your address as sender?Luckypiedro wrote: ↑Wed May 18, 2022 11:34 am I am having a problem with spam emails being sent through my website
The latter is unfortunately common and impossible to stop, so if that's the case you would just have to wait until it goes away
//Daniel
I'm not smart, but sometimes even a blind chicken can find a corn.
Here are a lot of corns: Phoenix user guide
Here are a lot of corns: Phoenix user guide
-
- Posts: 8
- Joined: Sun Apr 17, 2022 8:45 am
- Has thanked: 2 times
- Been thanked: 1 time
Re: Sending spam emails with verification via phoenixcart version 1.0.4.0
Hi Daniel,
First of all, my apologies for the late response. You helped me find the right direction.
Further investigation revealed that it was not the website (my-website.nl) itself, but the associated email address info@my-website.nl
Apparently the password of this email address had been leaked and got into the wrong hands.
After I changed the password I still saw email go away, but that was due to the spooler that still contained many messages with probably non-existing email addresses and/or domains.
I saw this from the name of the path that belongs to the email message, i.e.: "retry"
Also every day I see the list with the path "retry" getting shorter.
Thanks again for the advice on how to approach this issue.
Sincerely,
luckypiedro
First of all, my apologies for the late response. You helped me find the right direction.
Further investigation revealed that it was not the website (my-website.nl) itself, but the associated email address info@my-website.nl
Apparently the password of this email address had been leaked and got into the wrong hands.
After I changed the password I still saw email go away, but that was due to the spooler that still contained many messages with probably non-existing email addresses and/or domains.
I saw this from the name of the path that belongs to the email message, i.e.: "retry"
Also every day I see the list with the path "retry" getting shorter.
Thanks again for the advice on how to approach this issue.
Sincerely,
luckypiedro