Our domain email address started receiving blank spam emails from our contact form (this is known from the header). They are from seemingly random email addresses and have no content. They are received roughly every 5 minutes with occasional 45 minute breaks. The form works correctly and I've tried both Askimet and Honeypot plugins (both together and separately) to no avail. The contact form (Contact-Form-7) has required fields. I believe Honeypot is failing due to the blank content and the hidden field not being populated. Here is an example of what the email contains:
From: WordPress [mailto:info#domain.com]
Sent: Thursday, April 13, 2017 3:47 PM
To: info#domain.com
Subject: contact form from domain.com
Name: 58f0002d1ad5f 58f0002d1ada9
Email: randomname#random.com
Subject:
Message:
The random name & email services are from various providers (billy#hotmail.com, kelly#yahoo.com, jim#gmail.com, etc). The Name field contains a seemingly random string (58efeaa9252e7 58efeaa92532d, 58efeaaf3099c 58efeaaf309da,58f0002d1ad5f 58f0002d1ada9, etc)
What is responsible for this particular type of spam?
What is the actual goal of blank spam email?
Is there another plugin or workaround that could filter the spam besides captcha?
Honeypot will not catch blank email spam as noted above. Invisible reCaptcha will prevent this particular type of spam.
As far as possible motivation(s)/reason(s):
1.The spammers send the e-mail, along with a million others. Some bounce, some don't. They now know which e-mail addresses are still current.
2.Some people, amazingly, actually reply, even if it's just to say "Unsubscribe me!". Bingo, the e-mail address is current and there's a person behind it, and that person actually opens e-mails sent by the particular send address they've used.
3.Sometimes the content isn't as empty as it seems. For instance, many spam messages contain a one-pixel-by-one-pixel image with a trackback url; as soon as you view the message, they get pinged that this particular pixel was viewed - Bingo as above. That's the reason many modern mail clients warn you about images in messages and suggest you don't view the images unless you trust the source.
You could use invisible reCAPTCHA or use Contact Form's build in quiz/question.
I'm having the same issue with this bot/spammer. Honeypot doesn't work for me either. Would be interested to know the source and goal of this spammer.
Related
After a long investigation, I am not able to find the correct event to use JUST before the order confirmation email is sent.
I need to add a value in the s_order_attributes table which will be included in the email template.
I tried many events (e.g. checkout) but they are all triggered after the email ones.
thanks !
Looking at the code when the email is sent I assume there are two events you can try. You can either try Shopware_Modules_Order_SendMail_FilterVariables or sOrder::sendMail::before. These are executed right before the sending. If the attributes are not loaded from the database anymore in that moment you can set the public variables in sOrder to change the values that get into the mail. This might help you out as well but I prefer the FilterVariables event as it gives you direct access to the variables.
I've been attempting to log activity on a mobile-like device using the Google Analytics Measurement Protocol. All of these attempts have validated using the validation URL, and I can see activity when I look at the real-time reports on the Analytics website. But when I look at the Home or Overview reports for the day - no activity is shown.
The view is set for "All Mobile App Data".
The POST body looks something like this:
v=1&tid=UA-000000000-1&ds=app&qt=1601&uid=uid-zzzzz&t=screenview&cd=Foo&an=Foo%20App%20Name&aid=com.example.foo&aiid=com.example.foo&av=0.0.1&ua=Mozilla%2F5.0%20(Linux%3B%20Android%207.0%3B%20SM-G930V%20Build%2FNRD90M)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F59.0.3071.125%20Mobile%20Safari%2F537.36
The ua field is just a pre-defined string. I found that if I omitted it, the Real Time monitoring listed the hits as desktop hits, although I was in a Mobile report and the ds field was "app".
Am I missing a field that is required? Is there some reason why it is showing up in the real-time report, but not in a daily report? Is there some other way to diagnose why the data is vanishing, or confirm the data is actually being captured?
When i check the debug endpoint the hit is valid
Request:
https://www.google-analytics.com/debug/collect?v=1&tid=UA-XXX-1&ds=app&qt=1601&uid=uid-zzzzz&t=screenview&cd=Foo&an=Foo%20App%20Name&aid=com.example.foo&aiid=com.example.foo&av=0.0.1&ua=Mozilla%2F5.0%20(Linux%3B%20Android%207.0%3B%20SM-G930V%20Build%2FNRD90M)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F59.0.3071.125%20Mobile%20Safari%2F537.36
Response
{
"hitParsingResult": [ {
"valid": true,
"parserMessage": [ ],
"hit": "/debug/collect?v=1\u0026tid=UA-53766825-1\u0026ds=app\u0026qt=1601\u0026uid=uid-zzzzz\u0026t=screenview\u0026cd=Foo\u0026an=Foo%20App%20Name\u0026aid=com.example.foo\u0026aiid=com.example.foo\u0026av=0.0.1\u0026ua=Mozilla%2F5.0%20(Linux%3B%20Android%207.0%3B%20SM-G930V%20Build%2FNRD90M)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F59.0.3071.125%20Mobile%20Safari%2F537.36"
} ],
"parserMessage": [ {
"messageType": "INFO",
"description": "Found 1 hit in the request."
} ]
}
I cannot use one of the mobile libraries from Firebase - this is not one of the platforms they support. I do not wish to pretend this is a web page - there is no associated hostname or path. I do not wish to use Events since I can't do event Behavior Flow, which is one of the things I'm interested in seeing.
I'm aware that it can sometimes take "a day or so" for results to first appear. The site was setup over five days ago at this point, and has received data during that time.
Good thought about the anti-spam setting, however the setting appears to be correct:
I've also tried using GET instead of POST - no change, it still shows the hit in real-time, but then it vanishes.
However, I know that it can record hits permanently. There were two hits from a spammer in Russia that have shown up in the daily report (I wasn't there to see it show up in real-time). I don't know what they did, but would love to find out since it might help figure out how I can add a record.
In the real-time reports, it correctly points out the data center all the hits are coming from. Perhaps that is filtering it out somewhere out of my control?
Try adding Cid I know it says this is an optional parameter but for mobile accounts I belive it may be required.
Client ID
Optional.
This field is required if User ID (uid) is not specified in the request. This anonymously identifies a particular user, device, or browser instance. For the web, this is generally stored as a first-party cookie with a two-year expiration. For mobile apps, this is randomly generated for each particular instance of an application install. The value of this field should be a random UUID (version 4) as described in http://www.ietf.org/rfc/rfc4122.txt.
Example value: 35009a79-1a05-49d7-b876-2b884d0f825b
Although this says it needs to be a UUIDv4, it does work with other UUIDs (I've tested it with a v5, which is a hash against the value used for the uid parameter).
I'm sending some programmatically-created meetings to Exchange 2010 accounts through an ASP.NET application. Everyone receives without any problem the invitation email except the organizer, whose Outlook 2013 sends it to the Deleted Items folder directly. "Meeting cannot be found in the Calendar", it says.
I imagine it's happening because indeed the organizer does not have that meeting in his calendar and Outlook fails trying to set everything for him.
Here's the body:
string strBodyCalendar = "BEGIN:VCALENDAR\r\nMETHOD:REQUEST\r\nPRODID:Microsoft CDO for Microsoft Exchange\r\nVERSION:2.0\r\nBEGIN:VTIMEZONE\r\nTZID:(GMT-06.00) Central Time (US & Canada)\r\nX-MICROSOFT-CDO-TZID:11\r\nBEGIN:STANDARD\r\nDTSTART:16010101T020000\r\nTZOFFSETFROM:-0500\r\nTZOFFSETTO:-0600\r\nRRULE:FREQ=YEARLY;WKST=MO;INTERVAL=1;BYMONTH=11;BYDAY=1SU\r\nEND:STANDARD\r\nBEGIN:DAYLIGHT\r\nDTSTART:16010101T020000\r\nTZOFFSETFROM:-0600\r\nTZOFFSETTO:-0500\r\nRRULE:FREQ=YEARLY;WKST=MO;INTERVAL=1;BYMONTH=3;BYDAY=2SU\r\nEND:DAYLIGHT\r\nEND:VTIMEZONE\r\nBEGIN:VEVENT\r\nDTSTAMP:{8}\r\nDTSTART:{0}\r\nSUMMARY:{7}\r\nUID:{5}\r\nATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN=\"{9}\":MAILTO:{9}\r\nACTION;RSVP=TRUE;CN=\"{4}\":MAILTO:{4}\r\nORGANIZER;CN=\"{3}\":mailto:{4}\r\nLOCATION:{2}\r\nDTEND:{1}\r\nDESCRIPTION:{7}\\N\r\nSEQUENCE:1\r\nPRIORITY:5\r\nCLASS:\r\nCREATED:{8}\r\nLAST-MODIFIED:{8}\r\nSTATUS:CONFIRMED\r\nTRANSP:OPAQUE\r\nX-MICROSOFT-CDO-BUSYSTATUS:BUSY\r\nX-MICROSOFT-CDO-INSTTYPE:0\r\nX-MICROSOFT-CDO-INTENDEDSTATUS:BUSY\r\nX-MICROSOFT-CDO-ALLDAYEVENT:FALSE\r\nX-MICROSOFT-CDO-IMPORTANCE:1\r\nX-MICROSOFT-CDO-OWNERAPPTID:-1\r\nX-MICROSOFT-CDO-ATTENDEE-CRITICAL-CHANGE:{8}\r\nX-MICROSOFT-CDO-OWNER-CRITICAL-CHANGE:{8}\r\nBEGIN:VALARM\r\nACTION:DISPLAY\r\nDESCRIPTION:REMINDER\r\nTRIGGER;RELATED=START:-PT00H15M00S\r\nEND:VALARM\r\nEND:VEVENT\r\nEND:VCALENDAR\r\n";
strBodyCalendar = string.Format(strBodyCalendar, dtStart.ToUniversalTime().ToString(strCalDateFormat), dtEnd.ToUniversalTime().ToString(strCalDateFormat),
strLocation, strOrganizerName, strOrganizerEmail, Guid.NewGuid().ToString("B"), strSummary, strSubject,
DateTime.Now.ToUniversalTime().ToString(strCalDateFormat), macAttendeeList.ToString());
I'm not sure how to format the body to show that user as the sender (and organizer?) without making Outlook going crazy trying to find something that does not exist.
Through the website I don't have permissions to access the organizer's calendar and create the meeting before sending anything.
Any hints?
I found the answer also in Stack Overflow. Silly me.
iCalendar does not create an event for organizer
Anyway, it cannot be done by sending an email as the organizer, what I want and need; but you can use EWS for sending appointments as a specific account to which you have access. Bummer.
I'm in a situation in which i need to be able to create a topics using self created bot. My forum has a special category and user, which can create a topics in that category.
Technology i'm using to create that bot is ruby + mechanize gem but it's not important right now. That bot works in a following way:
Sign in as previously mentioned user:
visit - /ucp.php?mode=login
fill the sign-in form using user credentials
if, after submiting a form, there is a sign-out link somewhere on the page, threat this whole process as "successfull"
Create a topic
visit - /posting.php?mode=post&f=21
fill subject field with desired subject
fill message field with desired message
submit a form using Submit button
And now, while first point works just great, the second one behaves in a strange way. After submiting a form, there is no error message or anything like that, i'm just getting redirected to /viewforum.php?f=21 (log's says that it's 302 Moved Temporarily status) page and the topic is not there.
Can anyone tell me what such behaviour means? Is there any security mechanism i don't know about? Please also note that the new topic form has form_token and creation_time fields filled correctly while form is beeing submited.
Thanks in advance for any clues.
According to this thread: https://stackoverflow.com/a/11713867/552936, user is treated as a bot if he sends a form without any delay (and it end's up with a 302 redirect). I can't find any info on google what's the exact delay, carck3r says that it's 8 seconds but for me, it was 2 seconds.
I currently have a registration form for people to signup and pick a date for an "appointment". They get sent an e-mail right after filling it up with the details. I need another e-mail to be sent a day before their chosen date to remind them, but that can't be fulfilled by plugins I currently have.
Does anyone know of any Wordpress plug-in that allows the sending of an e-mail message (with a template and user specific data) based on a specified date?
Any piece of information or advice would be highly appreciated. Thanks!
How I would approach this would be with Wordpresses event scheduling. When a user submits the form to schedule their appointment, set a new action for the reminder email:
// Set this when you send the confirmation email
// Set the $unix_timestamp to be whenever you want the reminder to be sent.
// Args can be an array of the data you will need. Such as the users email/appt date
$args = array(
'email' => 'email#email.com'
);
wp_schedule_single_event($unix_timestamp, 'set_reminder', $args);
Now we have to catch that, and create a function to actually create and send the email (assuming you use a similar process):
add_action('set_reminder','do_reminder');
function do_reminder($args) {
// $email = $args['email'], etc.
// send reminder email.
}
I recommend Wysija Newsletters. You http://wordpress.org/extend/plugins/wysija-newsletters/. You can use template and user specific data in your email with this plugin.
If you are comfortable with writing your own code(I guess you are more or less ok with that), you can use the WordPress Schedule API(okay, maybe that's not the official name, but it works). Basically it's kind of a cron-job, but for WordPress. It has one downside though - it will only trigger on time, if WordPress is rendered(in other words accessed, so that it's code will execute). That can be easily fixed by adding a simple cron-job to your hosting account, that will simply access your home page every X hours.
You can find useful information on the API here.
Basically what you should have inside of your scheduled function is to get the records of people that should be sent reminder emails(you should probably store additional information about whether a reminder email has been sent or not) and send them the emails. I don't know what is the way you're storing the information from the registration form, but if you are using a Custom Post Type, then things should be pretty easy for you.