Getting bombarded with spam emails via Joomla

Discussion regarding Joomla! 3.x security issues.

Moderators: Bernard T, mandville, fcoulter, PhilD, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 100
Joined: Sun Apr 09, 2006 6:42 am
Location: Normandy, France

Getting bombarded with spam emails via Joomla

Postby jross » Fri Mar 16, 2018 11:16 pm

Hello, my client is receiving hundreds of spam emails with the subject, Undelivered Mail Returned to Sender

The message itself is

"Aussie Princess" <>
3/16/2018 2:45 AM

This is a copy of the following message you sent to Aussie Princess via Aussie Princess Luxury Boat Charters

This is an enquiry email via from:
Леночка Козлова <> ... VcNLPWVGCA

Is this happening as a result of the site (Joomla 3.8.6) being hacked? What can I do to stop this torrent of emails?
Any advice would be appreciated.
Thanks, JR

User avatar
Joomla! Guru
Joomla! Guru
Posts: 590
Joined: Tue Jan 13, 2009 11:50 pm
Location: San Diego, California, USA

Re: Getting bombarded with spam emails via Joomla

Postby creativesights » Sat Mar 17, 2018 12:04 am

You could turn off email sending in the global configuration. It's aggressive, but you're website won't be able to send any email. Additionally it will help confirm whether or not the email is actually coming from the site.

We use Admin Tools Pro on a lot of sites, if you can identify the IP that's on the site, you can block it. Your hosting company can often be a good resource with blocking traffic like that also.
Andrew Crossan
Professional Custom Website Design & Development in San Diego

User avatar
Joomla! Champion
Joomla! Champion
Posts: 5088
Joined: Sun Jul 05, 2009 3:30 am
Location: Canberra, Australia

Re: Getting bombarded with spam emails via Joomla

Postby sozzled » Sat Mar 17, 2018 12:04 am

There are many topics on this forum that discuss spam and spam emails. I suggest that you use the Joomla forum search search.php

This question is not unique to any specific version of Joomla.
Former member of Kunena project team
If you think I’m wrong then say “I think you're wrong.” If you say “You’re wrong!”, how do you know?

User avatar
Joomla! Ace
Joomla! Ace
Posts: 1580
Joined: Thu Sep 13, 2007 11:39 am
Location: UK

Re: Getting bombarded with spam emails via Joomla

Postby fcoulter » Sat Mar 17, 2018 12:18 pm

To be clear about this, it does not mean that your site has been hacked.

It looks as if the spammer is trying to abuse the function that allows the user to send a copy to themselves of a message sent through the contact form.

You can actually turn off the display of the checkbox on the contact form that allows this in the contacts component options. I am not sure though if that stops the email itself from being sent, I guess you would have to try it to see.

Otherwise you can try enabling re-captcha on the contact form, that is usually quite effective. You just need to enable the recaptcha plugin, get some keys (see, and set this as the default captcha for your site. for Joomla! extensions my personal website
Security Forum moderator :: VEL team member
"Wearing my tin foil hat with pride"

Joomla! Fledgling
Joomla! Fledgling
Posts: 4
Joined: Sat Jun 19, 2010 7:14 am

Re: Getting bombarded with spam emails via Joomla

Postby giovannino » Mon Mar 19, 2018 6:32 pm

Hello, I got same issue with 3.7.3 standard contacts plugin. The message that automatically arrive to my admin mail is "Delivery Status Notification (Failure)"... with some specific strange email in cirillic or chinese from
Did you fix it or not ?
Is it only sent to administator ? It's the only user as far now.

User avatar
Joomla! Master
Joomla! Master
Posts: 14604
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: Getting bombarded with spam emails via Joomla

Postby mandville » Mon Mar 19, 2018 7:38 pm

giovannino wrote:Hello, I got same issue with 3.7.3
then you are using an out of date vulnerable version of joomla.

Did you fix it or not ?

there is nothing for the developers of joomla to fix, the fix is with the adminsitrators of the website that uses joomla .
Is it only sent to administator ? It's the only user as far now.Thanks
well i think you will find its actually sent to the email address listed for the the administrator or the reply to address for the website.

see the answers and suggestions above for how to get you to sort your site out.
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}

Return to “Security in Joomla! 3.x”

Who is online

Users browsing this forum: No registered users and 7 guests