Jump to content

  • You cannot start a new topic
  • You cannot reply to this topic

Spammed Newsletter Subscribers List Rate Topic   - - - - -

 
  • Brennie369
  • Senior Member
  • Members
  • Join Date: 17-Mar 08
  • 828 posts

Posted 29 July 2016 - 09:55 PM #1

I've noticed my newsletter subscribers list has been spammed, as in hundreds upon hundreds of bs emails added to it. Some from existing websites (i.e. name@stupidwebsite.com, some about web design, some porn, etc.) and some just generic emails at yahoo or gmail.com or whatever. It appears that they've added 10-50 a day for the past two months or so.

 

My question is, what is their purpose in doing this? If one is legit and they receive a newsletter, are they able to somehow harvest the entire list of subscribers it was sent to? If not what could be the reason for doing this?

 

Edit for additional question: When a newseltter is sent, does it sent to the most recent addresses added to the list or in order of oldest to recent, or is it random?


CS-Cart 4.6.3


 
  • squeeze
  • Newbie
  • Trial users
  • Join Date: 25-Jul 16
  • 6 posts

Posted 30 July 2016 - 01:47 AM #2

I encounter this matter when i try to registered some forum and access denied.And then what i,m gonna do is contacting their support and get mailed like this''

 

It is likely that your IP address has been used by others for negative activities on other forums. Our forum software uses a service provided by StopForumSpam.com to screen people coming to our site. You can go to this site and search for your IP address.  In order to access our site, you'll want to either work with StopForumSpam to get your IP cleaned up, or you'll want to work with your Internet Service Provider to get an IP address that isn't listed on StopForumSpam.com.

If you find that your IP is not on StopForumSpam, then you should try registering a different user name. In some cases our forum flags user names that have a high report of spamming.

We'd be thrilled to have you on our forum. As you can see, once you get on, we'll do our best to keep the spam away for you too.

 

I don't know if this topic is related to you mam brenie369.I check this stopforumspam and i check my email and ip if it is blocklisted but luckily not.



 
  • Brennie369
  • Senior Member
  • Members
  • Join Date: 17-Mar 08
  • 828 posts

Posted 01 August 2016 - 12:17 PM #3

I don't think it relates, as nothing of mine was rejected - it's just a lot of bogus emails were added to my newsletter subscribers list.


CS-Cart 4.6.3


 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 10,066 posts

Posted 02 August 2016 - 01:06 AM #4

I don't think there's a point other than trying to disrupt you.

Can't you use captcha for the subscriber list?


EZ Merchant Solutions: Custom (USA based) B2B Development, Consulting, Development and Special Projects (get a quote here).
Commercial addons, payment methods and modifications to meet your business and operations needs.


 
  • krola
  • Advanced Member
  • Members
  • Join Date: 18-Jun 11
  • 68 posts

Posted 20 March 2017 - 01:01 PM #5

I have the same problem. Every day lost of subscriberes get on the list and I have a strong feeling they are not doing it themselves. How and why are there subscribers added and what can I do to prevent it? How someone can help with this. I don't want to be sending my newsletter to lost of people who didn't really whant ot recieve it.

Thanks in advance anyone who would help!



 
  • eComLabs
  • CS-Cart Expert
  • Authorized Reseller
  • Join Date: 27-Jan 14
  • 15,781 posts

Posted 20 March 2017 - 02:17 PM #6

Additional code customization is required to add reCaptcha to newsletter form. I do not know why CS-Cart developer did not add this required feature


GET A FREE QUOTE | CS-Cart Add-ons | CS-Cart Licenses | CS-Cart Development | CS-Cart Design | Server Configuration

Certified CS-Cart RU Developer | Сертифицированный разработчик на CS-Cart Русская Версия

 

Posted 07 October 2017 - 04:13 PM #7

Has anyone fixed this issue...   Just got hit with over 30k newsletter signups in the past week..


Car Stickers and Decals
Cs-Cart 4.6.3 / Future Hosting Private Dedicated Server - Xeon E5-2420, 32Gb, 480 SSD x4
2 Storefronts - Over 60,000 Products / 400+ Categories / 140k Monthly Visitors


 
  • Brennie369
  • Senior Member
  • Members
  • Join Date: 17-Mar 08
  • 828 posts

Posted 08 October 2017 - 01:47 PM #8

Has anyone fixed this issue...   Just got hit with over 30k newsletter signups in the past week..

 

I removed the subscribe box from the main pages, leaving it only on the checkout pages. This might not be an ideal fix because you lose subscribers that aren't buyers (yet), but it has solved it.


CS-Cart 4.6.3


 
  • Darius
  • Douchebag
  • Members
  • Join Date: 20-Apr 08
  • 2,988 posts

Posted 08 October 2017 - 02:48 PM #9

Same here, removed subscribe box from homepage


4.5.2 SP2


 

Posted 08 October 2017 - 10:14 PM #10

Yup.. Did the same..  Wish we could get reCaptcha added to the subscriber signup..


Car Stickers and Decals
Cs-Cart 4.6.3 / Future Hosting Private Dedicated Server - Xeon E5-2420, 32Gb, 480 SSD x4
2 Storefronts - Over 60,000 Products / 400+ Categories / 140k Monthly Visitors


 

Posted 09 October 2017 - 06:27 AM #11

What CS-Cart version you are using? In version 4.5.2, we added CSRF protection for this form, that should prevent bots from subscribing to newsletters

 

Yup.. Did the same..  Wish we could get reCaptcha added to the subscriber signup..

 

Same here, removed subscribe box from homepage

 

I removed the subscribe box from the main pages, leaving it only on the checkout pages. This might not be an ideal fix because you lose subscribers that aren't buyers (yet), but it has solved it.


Sincerely yours, CS-Cart Support Team

 

User guide       |  Developer documentation  |  Core API documentation


 
  • Darius
  • Douchebag
  • Members
  • Join Date: 20-Apr 08
  • 2,988 posts

Posted 09 October 2017 - 08:05 AM #12

This has happened to me earlier this year (when I was on version prior 452), but I only now noticed this huge list of emails just after finding this thread. It would be good some sort of popup recaptcha to confirm subscription

 

What CS-Cart version you are using? In version 4.5.2, we added CSRF protection for this form, that should prevent bots from subscribing to newsletters


4.5.2 SP2


 

Posted 10 October 2017 - 07:22 AM #13

Please check if the anti_csrf tweak is enabled in the config.local.php file of your installation.


Sincerely yours, CS-Cart Support Team

 

User guide       |  Developer documentation  |  Core API documentation


 
  • eComLabs
  • CS-Cart Expert
  • Authorized Reseller
  • Join Date: 27-Jan 14
  • 15,781 posts

Posted 10 October 2017 - 08:56 AM #14

What CS-Cart version you are using? In version 4.5.2, we added CSRF protection for this form, that should prevent bots from subscribing to newsletters

 

Could you please explain in few words how it works?


GET A FREE QUOTE | CS-Cart Add-ons | CS-Cart Licenses | CS-Cart Development | CS-Cart Design | Server Configuration

Certified CS-Cart RU Developer | Сертифицированный разработчик на CS-Cart Русская Версия

 

Posted 10 October 2017 - 09:47 PM #15

'anti_csrf' => true, // protect forms from CSRF attacks

 It's enabled on my site.. Makes no difference..  Need recaptcha to confirm not a bot...


Car Stickers and Decals
Cs-Cart 4.6.3 / Future Hosting Private Dedicated Server - Xeon E5-2420, 32Gb, 480 SSD x4
2 Storefronts - Over 60,000 Products / 400+ Categories / 140k Monthly Visitors


 

Posted 30 October 2017 - 07:44 AM #16

Our software engineers confirmed this issue. They are working on solution


Sincerely yours, CS-Cart Support Team

 

User guide       |  Developer documentation  |  Core API documentation


 
  • imac
  • CTO
  • CS-Cart Architects
  • Join Date: 22-Nov 05
  • 1,759 posts

Posted 30 October 2017 - 07:53 AM #17

Hi guys,

 

We plan to integrated Double Opt-in in CS-Cart 4.7.1 which is will be released approximately in a month,

Double Opt-in is a mechanism that requires email confirmation.

Unfortunately Anti SCRF can not protect from script that emulates cookie and sessions - in fact they behave similar to any real users.

We thought about implementing captcha but decided not to do it, because it's not good way from usability point of view.


Ilya Makarov,
CS-Cart Architect Team
Suggest and vote for new features | Report a bug

 
  • Magpie Don
  • Senior Member
  • Members
  • Join Date: 01-Apr 09
  • 807 posts

Posted 30 October 2017 - 03:02 PM #18

I already use Double Opt-in.

What happens is the "Confirmation" email sent to the subscriber is bounced back as Undeliverable, or gets flagged as spam by the recipient. When you are sending a couple of hundred Undeliverable "confirmation" email messages a day, because a bot is submitting your subscription form repeatedly, you end up getting blacklisted - which is the bigger problem.

I don't care that my mailing list has a  thousand "unconfirmed" subscribers - I don't send the newsletter to them anyway, and I can delete them, BUT when I get on blacklists - it's almost impossible to get off of some of them, and it interrupts communications with legitimate customers.

What CS-Cart needs is a dedicated page for subscribing to the newsletter - complete with captcha and an area for pitching the benefits of opting in. If you want to keep the simple subscription email field on the home page, or on any page, it is going to have to submit to that page, where the captcha field is and requires an additional submit. I would be happy with simply replacing the simple subscribe email field on the homepage with text or a graphic and linking it to the newsletter signup page.


CS-Cart Ultimate ver 4.3.5