Yes got another spam mail just now. “The sum” doesnt seem to be working correctly anymore or the bots got smarter… Or something else I am missing. But the messages have the ip adress in it and I only use this email on the contactform so I dont know whats wrong.
Plugin Author
Guido
(@guido07111975)
Hi,
Too bad! The sum is just 1 part of the anti-spam features of plugin. Please note that spam is also send by humans, and it’s impossible to block this kind of spam. I’m afraid I don’t have a solution for this.
Guido
Hello Guido, “Too Bad!” you mean this in the good way right, as it that’s terrible? It was just something we noticed. It worked very well for years, only 2 a 3 spam mails a year. Since this week it spiralled into multiple all of a sudden, everything is updated. As there was a 14.8 update to fix something regarding the sum, I asked if there might still be an issue. Not ment in a bad way. Just trying to figure out what the issue is. The nature of the content of the mails, I dont see how humans would benefit from sending that, but yes could be, would be a weird waste of time though. It cant be bots are getting smarter?
Plugin Author
Guido
(@guido07111975)
Hello Guido, “Too Bad!” you mean this in the good way right, as it that’s terrible?
Of course. I’m not a native ENG speaker, so maybe it’s not the best reaction in this case.
In previous versions it was possible to bypass the sum, so bots were able to re-use the same sum value over and over again. This is fixed and approved by the reporter of this vulnerability. But I think most users never have experienced this.
I’ve added extra features to fight spam recently. Via the settings page you can activate a function that ignores form submissions with weblinks. So if your spam submissions contain weblinks (they often do), you could consider using this.
Guido
Yes I thought so, understandable, thank you. The link part I can discuss, I overlooked this, have to think if no mail gets missed, but could be a good one. It wasnt my intention to say its a bad plugin or anything, cause works fine, just was some uptick in spam all of a sudden. I think we both hate these spammers and it is getting worse, and we can only do so much. I know google recaptcha can be tricked aswell now. Just needed to know for sure. Thank you for your answer Guido.
Plugin Author
Guido
(@guido07111975)
Hi,
If all spam mails contain multiple weblinks, you could set allowed links at 1 and activate the “ignore” feature, so only submissions with 1 link or no links go through. Normal users would not add many links in a form submission, I guess.
And if all spam submissions come from the same IP address you can perhaps block this IP.
Guido
The Ip blocking I did and do. And the banned feature I use, but have to use with caution as words that need banning that cant be used in a possible normal way. About this I have a question if I may. Some spam is for example in Russian alphabet. So can I ban those letters? Or is this seen as the equivalent letters in the main alphabet? So for example: ” й, ж, д, и, л “.
Yeah the links so far are mostly 1 time used. But still could come in handy to close the door a bit more.
Plugin Author
Guido
(@guido07111975)
Hi,
You can try adding the Russian characters in the banned words input (comma separated) and do a test submission (without the “ignore” feature active). It will work if you’re getting an error notification after pressing submit. Cannot test myself now, not at home at the moment 😉
Guido
yes could have tested that myself haha, sorry will do.
Unfortunately it translates the Russian signs to common alphabet, so this doesnt work.
Also is it possible to get issues with caching maybe? Not sure if that is possible, but just to ask…
FYI. I rechecked the russian signs and words dont get banned. And when you place a comma behind the last word in the ban list it it bans 100% of all words.
But you added a warning message ‘please dont use a link’ that makes it known to clients so that is a good work around by blocking links in message field.
Plugin Author
Guido
(@guido07111975)
Hi,
But you added a warning message ‘please dont use a link’ that makes it known to clients
This way human spammers can change their submissions so they will get through. So this might not reduce spam.
I will do some testing with Russian characters as well, this weekend.
Just talked with another user and he also does receive lots of spam via his contact form lately. IP address is different most of the times, so blocking that is no option.
Guido
Thats true and I know its a terribly difficult thing to tackle. If there are many human spammers, then they really need some new goals in life ;). But you thought it through that by letting them send email in limbo, that is quite smart actually.
Thank you for your updates and work. Just my 2 cents. When other language characters can be blocked that might filter out quite some stuff.
Also maybe its a coincidence, but the sum seems to come out to answer 15 mostly. But maybe a coincidence from my side.
Yes I can confirm, all different IP’s here too.
Plugin Author
Guido
(@guido07111975)
Also maybe its a coincidence, but the sum seems to come out to answer 15 mostly. But maybe a coincidence from my side.
That’s a coincidence, because every hour or after a succesfull form submission a new sum is created.
Will do some testing with special characters later today..
Guido
Thought so, thanks for looking into this.
