Getting bombarded with spam emails via Joomla

Discussion regarding Joomla! 3.x security issues.

Moderators: Bernard T, mandville, fcoulter, PhilD, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
jross
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 112
Joined: Sun Apr 09, 2006 6:42 am
Location: Normandy, France

Getting bombarded with spam emails via Joomla

Post by jross » Fri Mar 16, 2018 11:16 pm

Hello, my client is receiving hundreds of spam emails with the subject, Undelivered Mail Returned to Sender

The message itself is

Subject:
Copy of: ПОПОЛНЕНИЕ ВАШЕГО ЛИЧНОГО СЧЕТА #2672896
From:
"Aussie Princess" <lindsay@aussieprincess.com.au>
Date:
3/16/2018 2:45 AM
To:
<blade19731973@mail.ru>

This is a copy of the following message you sent to Aussie Princess via Aussie Princess Luxury Boat Charters

This is an enquiry email via http://aussieprincess.com.au/ from:
Леночка Козлова <blade19731973@mail.ru>

hxxps://api[.]monosnap[.]com/rpc/file/download?id=HQc7moTAL23OboieIfi5VcNLPWVGCA

Is this happening as a result of the site (Joomla 3.8.6) being hacked? What can I do to stop this torrent of emails?
Any advice would be appreciated.
Thanks, JR
Last edited by fcoulter on Fri Sep 28, 2018 10:15 am, edited 1 time in total.
Reason: edited link to prevent automatic link creation

User avatar
creativesights
Joomla! Guru
Joomla! Guru
Posts: 636
Joined: Tue Jan 13, 2009 11:50 pm
Location: San Diego, California, USA
Contact:

Re: Getting bombarded with spam emails via Joomla

Post by creativesights » Sat Mar 17, 2018 12:04 am

You could turn off email sending in the global configuration. It's aggressive, but you're website won't be able to send any email. Additionally it will help confirm whether or not the email is actually coming from the site.

We use Admin Tools Pro on a lot of sites, if you can identify the IP that's on the site, you can block it. Your hosting company can often be a good resource with blocking traffic like that also.
Andrew Crossan
CreativeSights
Professional Custom Website Design & Development in San Diego
https://www.creativesights.com

User avatar
sozzled
Joomla! Exemplar
Joomla! Exemplar
Posts: 8193
Joined: Sun Jul 05, 2009 3:30 am
Location: Canberra, Australia
Contact:

Re: Getting bombarded with spam emails via Joomla

Post by sozzled » Sat Mar 17, 2018 12:04 am

There are many topics on this forum that discuss spam and spam emails. I suggest that you use the Joomla forum search search.php

This question is not unique to any specific version of Joomla.
https://www.kuneze.com/blog
“If you think I’m wrong then say, ‘I think you’re wrong.’ If you say ‘You’re wrong!’, how do you know?” :)

User avatar
fcoulter
Joomla! Ace
Joomla! Ace
Posts: 1685
Joined: Thu Sep 13, 2007 11:39 am
Location: UK
Contact:

Re: Getting bombarded with spam emails via Joomla

Post by fcoulter » Sat Mar 17, 2018 12:18 pm

To be clear about this, it does not mean that your site has been hacked.

It looks as if the spammer is trying to abuse the function that allows the user to send a copy to themselves of a message sent through the contact form.

You can actually turn off the display of the checkbox on the contact form that allows this in the contacts component options. I am not sure though if that stops the email itself from being sent, I guess you would have to try it to see.

Otherwise you can try enabling re-captcha on the contact form, that is usually quite effective. You just need to enable the recaptcha plugin, get some keys (see https://www.google.com/recaptcha/intro/android.html), and set this as the default captcha for your site.
http://www.spiralscripts.co.uk for Joomla! extensions
http://www.fionacoulter.com/blog my personal website
Security Forum moderator :: VEL team member
"Wearing my tin foil hat with pride"

giovannino
Joomla! Fledgling
Joomla! Fledgling
Posts: 4
Joined: Sat Jun 19, 2010 7:14 am

Re: Getting bombarded with spam emails via Joomla

Post by giovannino » Mon Mar 19, 2018 6:32 pm

Hello, I got same issue with 3.7.3 standard contacts plugin. The message that automatically arrive to my admin mail is "Delivery Status Notification (Failure)"... with some specific strange email in cirillic or chinese from xxxxxxxx.ru
Did you fix it or not ?
Is it only sent to administator ? It's the only user as far now.
Thanks

User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 14844
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: Getting bombarded with spam emails via Joomla

Post by mandville » Mon Mar 19, 2018 7:38 pm

giovannino wrote:Hello, I got same issue with 3.7.3
then you are using an out of date vulnerable version of joomla.
Did you fix it or not ?
there is nothing for the developers of joomla to fix, the fix is with the adminsitrators of the website that uses joomla .
Is it only sent to administator ? It's the only user as far now.Thanks
well i think you will find its actually sent to the email address listed for the the administrator or the reply to address for the website.

see the answers and suggestions above for how to get you to sort your site out.
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}

markcrobinson
Joomla! Intern
Joomla! Intern
Posts: 62
Joined: Mon Dec 25, 2006 3:23 am

Re: Getting bombarded with spam emails via Joomla

Post by markcrobinson » Tue Mar 05, 2019 9:50 pm

I was getting the same email spam. I contacted my host who gave the reply below. Thought it might be helpful to share:
Note that one of the sites does not have a contact form, but is still, apparently, vulnerable.

------------------------
Hello,

Thank you for all the information and for including the bounceback. According to the bounceback this email originated from your Joomla installation (/home/xxxxxxxxxxxxx/public_html/index.php).

This specific email is very familiar, as it states the following:

"This is an enquiry email via http:// xxxxxxxxx .com/ from:"

This is typically due to the contact form on your Joomla site being abused. I do see that your contact form uses a form of a captcha. The spammer could potentially be getting through this captcha, or there could be another form (even if it's hidden from the website) that the spammer is taking advantage of. Joomla has built in functionality of 'Send a copy to form submission address' that will email a copy of the email to the person submitting the form.

I don't see the checkbox for this on the site like it usually is, but I'm guessing the spammer is sending the POST request with the send copy attribute included in the POST data. It looks like there is a work around by renaming the component (components/com_mailto/) to something different (like components/com_mailto_DISABLED/).. but this could break some email functionality for the website potentially.

I'd recommend that you contact Joomla for their best recommendation.

stereosurround
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Fri Mar 29, 2019 6:52 pm

Re: Getting bombarded with spam emails via Joomla

Post by stereosurround » Fri Mar 29, 2019 7:11 pm

Technically the error is not within Joomla, checking com_contact/controllers/contact.php revealed no flaws. However the ability to directly access a component apart from the menu structure carries serious caveats.

Any publicly available contact can be called directly using:

Code: Select all

/index.php?option=com_contact&view=contact&id=123
The main issue here is paying close attention to the configuration of the contacts component. If neither within global configuration, nor within the contact settings the mail form has been disabled, it will be displayed.

Say you'd want to make a single contact publicly available by adding a menu item using "Single Contact", it is not enough to hide the contact form within that menu item's settings - using the above link in combination to that contact's id will show the contact form.

A short hint to this circumstance within the description of the menu item's configuration would be appreciatable.

Recommendation: If your site does not require sending mails, disable it within global configuration and ideally within php.ini by adding disable_functions = mail. If your server allows further unrequired functions by default (e.g. exec), consider to disable these as well.

User avatar
Slackervaara
Joomla! Ace
Joomla! Ace
Posts: 1003
Joined: Sat Aug 13, 2011 6:27 am

Re: Getting bombarded with spam emails via Joomla

Post by Slackervaara » Sun Mar 31, 2019 5:11 pm

Joomlas master htaccess has a spam filter for words it works only from mails sent from the site, but you have to change to a unique word in your spam mails:


########## Begin - Basic antispam Filter, by SigSiu.net
## I removed some common words, tweak to your liking
## This code uses PCRE and works only with Apache 2.x.
## This code will NOT work with Apache 1.x servers.
RewriteCond %{QUERY_STRING} \b(ambien|blue\spill|cialis|cocaine|ejaculation|erectile)\b [NC,OR]
RewriteCond %{QUERY_STRING} \b(erections|[* spam *]|huronriveracres|impotence|levitra|libido)\b [NC,OR]
RewriteCond %{QUERY_STRING} \b(lipitor|phentermin|pro[sz]ac|sandyauer|tramadol|troyhamby)\b [NC,OR]
## Note: The final RewriteCond must NOT use the [OR] flag.
RewriteCond %{QUERY_STRING} \b(ultram|unicauca|valium|viagra|vicodin|xanax|ypxaieo)\b [NC]
RewriteRule .* - [F]
## Note: The previous lines are a "compressed" version
## of the filters. You can add your own filters as:
## RewriteCond %{QUERY_STRING} \bbadword\b [NC,OR]
## where "badword" is the word you want to exclude
########## End - Basic antispam Filter, by SigSiu.net

https://github.com/nikosdion/master-hta ... access.txt

markcrobinson
Joomla! Intern
Joomla! Intern
Posts: 62
Joined: Mon Dec 25, 2006 3:23 am

Re: Getting bombarded with spam emails via Joomla

Post by markcrobinson » Mon Apr 01, 2019 12:25 pm

stereosurround wrote:
Fri Mar 29, 2019 7:11 pm
Recommendation: If your site does not require sending mails, disable it within global configuration and ideally within php.ini by adding disable_functions = mail. If your server allows further unrequired functions by default (e.g. exec), consider to disable these as well.
... and if it does require sending emails?

evilded777
Joomla! Apprentice
Joomla! Apprentice
Posts: 23
Joined: Wed Mar 16, 2016 12:49 pm

Re: Getting bombarded with spam emails via Joomla

Post by evilded777 » Thu Apr 04, 2019 1:57 pm

Gotta say, some of the defenses here of "Joomla" are a little overboard. If you don't have something helpful to contribute... why?

This is clearly a problem. I have experienced it for a while on two different sites, and I am just trying to find a way to stop it.

I have switched forms, I have secured my mail requiring authentication, I have added captcha, I have removed the contact form from the one contact available.

Nothing has stopped it. We need some help, not people saying its our fault.

User avatar
Slackervaara
Joomla! Ace
Joomla! Ace
Posts: 1003
Joined: Sat Aug 13, 2011 6:27 am

Re: Getting bombarded with spam emails via Joomla

Post by Slackervaara » Thu Apr 04, 2019 2:17 pm

Against spam this plugin is better than Captcha. It is a mathematical problem:
https://extensions.joomla.org/extension ... heck-plus/

User avatar
paulala
Joomla! Explorer
Joomla! Explorer
Posts: 301
Joined: Sat Oct 30, 2010 12:32 pm
Location: Scotland
Contact:

Re: Getting bombarded with spam emails via Joomla

Post by paulala » Sun Apr 28, 2019 6:48 pm

@evilded Do you still have this problem. Could you share details if so?
Warm Regards,
Paula Livingstone, Skydiving Instructor and Network Security Consultant
https://paulalivingstone.com
http://rustyice.co.uk

Kotsolis
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 197
Joined: Mon Oct 27, 2008 6:38 pm

Re: Getting bombarded with spam emails via Joomla

Post by Kotsolis » Fri Nov 22, 2019 11:41 am

Hi all,

For the last weeks there are email spammers bombarding my website. It looks like they are using an automated contact form. They spam for 2-3 days at least. Today I woke up and found +1000 spam emails! I have a big website.

But I had one contact form which I think Is disabled. I double checked all menus, both header and footer, and didn't find a contact form.

Check one of the spam emails:
This is an enquiry email via https://(mysiteishere).com/ from:
qseaguu <mille.ci@live.no>

Se flere nakenbilder med meg ved å klikke her - https://siteofthespammer.com
So someone tell me how to double check and disable any contact forms or do any sort of thing to prevent these spammers. This is killing my job time right now! 1000 emails per day? That's too much. And I can't even find their IP as they seem to use a form.

Jheroen
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 117
Joined: Thu Sep 08, 2005 4:43 pm
Location: Gendt
Contact:

Re: Getting bombarded with spam emails via Joomla

Post by Jheroen » Fri Nov 22, 2019 2:02 pm

Hello, check the contact component en see if there are any contacts in use, if so and you want to use them install recaptcha in the website. If you don't use them unpublish them or just delete.
If you have a form using a form extension you should check that extension.
If you have any extension active that can be abused by spammers (virtuemart) check those.
Met vriendelijke groet,
Jheroen
http://www.joomlapartner.nl, websites - maatwerk - migratie - design - onderhoud
http://www.joomlahostingsupport.nl, Joomla! hosting - chmodvrij - prima support - concurrerende tarieven

User avatar
sozzled
Joomla! Exemplar
Joomla! Exemplar
Posts: 8193
Joined: Sun Jul 05, 2009 3:30 am
Location: Canberra, Australia
Contact:

Re: Getting bombarded with spam emails via Joomla

Post by sozzled » Fri Nov 22, 2019 7:04 pm

Kotsolis wrote:
Fri Nov 22, 2019 11:41 am
For the last weeks there are email spammers bombarding my website. It looks like they are using [some automated script. Can] someone tell me how to double check and disable any contact forms or do any sort of thing to prevent these spammers. This is killing my job time right now!
There are many topics on this forum that discuss this question. For example, two recent topics here Generally-speaking, CAPTCHA is ineffective in reducing the level of contact form abuse because of the number of automated scripts that bypass CAPTCHA.

Furthermore, attempting to identify the possible source of these attacks by using IP addresses is futile—it's like playing whack-a-mole. As soon as you find one IP address, a dozen more attacks from different IP addresses will happen.

Kotsolis wrote:
Fri Nov 22, 2019 11:41 am
I had one contact form which I think Is disabled. I double checked all menus, both header and footer, and didn't find a contact form.
You will need to triple check everything. Menus (including trashed menus) as well as third-party extensions. "Disabling" things doesn't always work; you may need to uninstall third-party extensions and/or empty the menu trash. If you are unsure what you have installed, please use the Forum Post Assistant reporting tool and post the results here.
https://www.kuneze.com/blog
“If you think I’m wrong then say, ‘I think you’re wrong.’ If you say ‘You’re wrong!’, how do you know?” :)

Kotsolis
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 197
Joined: Mon Oct 27, 2008 6:38 pm

Re: Getting bombarded with spam emails via Joomla

Post by Kotsolis » Sat Nov 23, 2019 11:55 am

Why do you keep redirecting users to other topics instead of replying here?
What difference does it make?
If those topics have the same subject then merge the topics and provide solution!
I received another 900 emails since yesterday!

User avatar
sozzled
Joomla! Exemplar
Joomla! Exemplar
Posts: 8193
Joined: Sun Jul 05, 2009 3:30 am
Location: Canberra, Australia
Contact:

Re: Getting bombarded with spam emails via Joomla

Post by sozzled » Sat Nov 23, 2019 4:01 pm

Kotsolis wrote:
Fri Nov 22, 2019 11:41 am
For the last weeks there are email spammers bombarding my website. It looks like they are using an automated contact form. They spam for 2-3 days at least. Today I woke up and found +1000 spam emails! I have a big website
Kotsolis wrote:
Sat Nov 23, 2019 11:55 am
I received another 900 emails since yesterday!
This is all that you have told us about your website!

I do not know if your website uses Joomla or not. I do not know any details about your website. I may be a professional website consultant but I am not the expert who knows everything, especially everything concerning your website. So, can we please begin again and can you provide us with all the details about your website and maybe we can help you find out how you are getting all this spam. OK?

This forum is a self-help resource; we will try our best to assist you but you have to help us, too.

Image
https://www.kuneze.com/blog
“If you think I’m wrong then say, ‘I think you’re wrong.’ If you say ‘You’re wrong!’, how do you know?” :)

User avatar
sozzled
Joomla! Exemplar
Joomla! Exemplar
Posts: 8193
Joined: Sun Jul 05, 2009 3:30 am
Location: Canberra, Australia
Contact:

Re: Getting bombarded with spam emails via Joomla

Post by sozzled » Sun Nov 24, 2019 7:41 pm

@Kotsolis: thank you for your PM but I cannot reply to you via PM because of your account settings. I would recommend that you obtain help from a professional website consultant in order to address your problems. Updating your website software would be a step in the right direction. Good luck.
https://www.kuneze.com/blog
“If you think I’m wrong then say, ‘I think you’re wrong.’ If you say ‘You’re wrong!’, how do you know?” :)

User avatar
darb
Joomla! Ace
Joomla! Ace
Posts: 1452
Joined: Thu Jul 06, 2006 12:57 pm
Location: Stockholm Sweden
Contact:

Re: Getting bombarded with spam emails via Joomla

Post by darb » Mon Nov 25, 2019 9:16 am

Kotsolis wrote: ↑
Fri Nov 22, 2019 11:41 am
For the last weeks there are email spammers bombarding my website. It looks like they are using an automated contact form. They spam for 2-3 days at least. Today I woke up and found +1000 spam emails! I have a big website

Kotsolis wrote: ↑
Sat Nov 23, 2019 11:55 am
I received another 900 emails since yesterday!
Did you post the FPA here to people "really" can help you or what do you expect by this replies when nice people here help you for free without any necessary data and info from your side? :pop
Success in the long run Its not about the code its about the people and community that's make it!
Its not what you say its what you do that matters!

Darb - aka ssnobben

User avatar
sozzled
Joomla! Exemplar
Joomla! Exemplar
Posts: 8193
Joined: Sun Jul 05, 2009 3:30 am
Location: Canberra, Australia
Contact:

Re: Getting bombarded with spam emails via Joomla

Post by sozzled » Mon Nov 25, 2019 10:14 am

@darb (and anyone else who asks @Kotsolis to post the FPA report in public): @Kostolis informed me, by PM, that they do not wish to post the FPA report on the forum, in public. That is entirely their right to do this (even if it means that we may not be able to assist them with their problem). So, for the your own benefit, please do not insist that @Kostolis should post the FPA report, in public, on this forum (unless they change their mind). 8)
https://www.kuneze.com/blog
“If you think I’m wrong then say, ‘I think you’re wrong.’ If you say ‘You’re wrong!’, how do you know?” :)

Kotsolis
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 197
Joined: Mon Oct 27, 2008 6:38 pm

Re: Getting bombarded with spam emails via Joomla

Post by Kotsolis » Mon Nov 25, 2019 12:04 pm

1)I have Joomla 3.8.2 . If this is a known bug on that release and it's fix on the newest, then please send me a link to confirm. I have JomSocial and Kunena installed.

2)Check the image that I attach. What do you think? Is this a kind of form or something or just random spam emails? Can anyone think of a component or module?
mass-spam.jpg
3)Ok it looks like that in some emails the Ip is shown.
Ips are from Russia. They send massive spam in Scandinavian language.

4) Finally what is the FPA?
You do not have the required permissions to view the files attached to this post.

User avatar
darb
Joomla! Ace
Joomla! Ace
Posts: 1452
Joined: Thu Jul 06, 2006 12:57 pm
Location: Stockholm Sweden
Contact:

Re: Getting bombarded with spam emails via Joomla

Post by darb » Mon Nov 25, 2019 12:14 pm

Yes there should be more info menu links and directions what FPA is and how to find it https://forumpostassistant.github.io/docs/
Success in the long run Its not about the code its about the people and community that's make it!
Its not what you say its what you do that matters!

Darb - aka ssnobben

User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 14844
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: Getting bombarded with spam emails via Joomla

Post by mandville » Mon Nov 25, 2019 12:27 pm

Kotsolis wrote:
Mon Nov 25, 2019 12:04 pm
1)I have Joomla 3.8.2 .
then you should have updated your gaming site ages ago. not just (un related) bugs but security fixes since then.
If this is a known bug on that release and it's fix on the newest, then please send me a link to confirm.
it is not a known bug, it is an ADMINISTRATOR failure. your latest release of joomla available at posting.php?mode=quote&f=714&p=3587213# along with your other outdated scripts.
2)Check the image that I attach. What do you think? Is this a kind of form or something or just random spam emails? Can anyone think of a component or module?
no, if you check your email you will find a very obvious message telling you just how you have been spammed. a long with many of the topics on this subject that you could so easily have found using search try this one. viewtopic.php?t=960240
seeing as your site has a lits of contacts, then be a good administrator and along with updating your entire site, switch off the default contact form.
3)Ok it looks like that in some emails the Ip is shown.
Ips are from Russia. They send massive spam in Scandinavian language.
Ips are irrelevant.
I find it very hard to believe that someone who has been around as long as you has not heard of the FPA or the forum post assistant that is very clearly highlighted in each forum. i suppose you never heard of the VEL either?

Note: i am not asking you to post the FPA, your site info was find by using the forum search tool and not any other back door system
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}

User avatar
toivo
Joomla! Master
Joomla! Master
Posts: 11523
Joined: Thu Feb 15, 2007 5:48 am
Location: Suzhou, China

Re: Getting bombarded with spam emails via Joomla

Post by toivo » Tue Nov 26, 2019 1:08 am

darb wrote:Yes there should be more info menu links and directions what FPA is and how to find it
BTW, the link to Forum Post Assistant / FPA can be found at the top of every topic and every forum. Visitors probably automatically ignore the banner, even if it look different from an advertisement. What can we do, perhaps animate the banner?
Toivo Talikka, Global Moderator

User avatar
sozzled
Joomla! Exemplar
Joomla! Exemplar
Posts: 8193
Joined: Sun Jul 05, 2009 3:30 am
Location: Canberra, Australia
Contact:

Re: Getting bombarded with spam emails via Joomla

Post by sozzled » Tue Nov 26, 2019 1:43 am

:-\ While the panel discussion about raising the prominence of the FPA link may be of interest to some people, it's completely off-topic as far as addressing the "getting bombarded with spam emails via Joomla" issue is concerned. There are other places on the forum where discussions about raising the awareness of the FPA link(s) have been posted and I would ask that people confine their comments about the FPA to those places, please.

Let's not hijack the purpose of this thread for those other matters, OK?
https://www.kuneze.com/blog
“If you think I’m wrong then say, ‘I think you’re wrong.’ If you say ‘You’re wrong!’, how do you know?” :)

User avatar
leolam
Joomla! Master
Joomla! Master
Posts: 19764
Joined: Mon Aug 29, 2005 10:17 am
Location: Netherlands/ UK/ S'pore/Jakarta/ North America
Contact:

Re: Getting bombarded with spam emails via Joomla

Post by leolam » Fri Nov 29, 2019 6:39 pm

Somebody read about spoofing? If you want clear answers you should post "all headers" without blackening the email addresses. Example auto-replies are important sources with the "in response to" email addresses etc etc

Dont post these kinds of requests if you are not able to provide proper information

Leo 8)
Joomla's #1 Professional Support Provider:
-> Joomla Professional Support: https://gws-desk.com -
-> Joomla Specialized Hosting Solutions: https://gws-host.com -
-> Joomla Webmaster Services: gws-webmaster.services

User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 14844
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: Getting bombarded with spam emails via Joomla

Post by mandville » Fri Nov 29, 2019 7:48 pm

In case you missed the really helpful advice in this topic and in the email i sent from your contact form, here is a screenshot to really really help you and others being "bombarded with spam due to an exploit in joomla"
waste.jpg
You do not have the required permissions to view the files attached to this post.
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}

Kotsolis
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 197
Joined: Mon Oct 27, 2008 6:38 pm

Re: Getting bombarded with spam emails via Joomla

Post by Kotsolis » Mon Dec 02, 2019 6:27 pm

mandville wrote:
Mon Mar 19, 2018 7:38 pm
giovannino wrote:Hello, I got same issue with 3.7.3
then you are using an out of date vulnerable version of joomla.
Did you fix it or not ?
there is nothing for the developers of joomla to fix, the fix is with the adminsitrators of the website that uses joomla .
Is it only sent to administator ? It's the only user as far now.Thanks
well i think you will find its actually sent to the email address listed for the the administrator or the reply to address for the website.

see the answers and suggestions above for how to get you to sort your site out.
I am using an "outdated version of Joomla"? I have just upgraded to the latest version, 3.9.13.
Still the same issue! Look at the screenshot. I have 1 email per 2 minutes!
emails-bomb.jpg
And for this upgrade I paid a developer, because I have lots of custom stuff. Money gone for nothing!

About the last comment, I have completely disabled any contact form (I assume that this appears in site.com/contact) so I can't find how the spammer is abusing me.
You do not have the required permissions to view the files attached to this post.

User avatar
sozzled
Joomla! Exemplar
Joomla! Exemplar
Posts: 8193
Joined: Sun Jul 05, 2009 3:30 am
Location: Canberra, Australia
Contact:

Re: Getting bombarded with spam emails via Joomla

Post by sozzled » Mon Dec 02, 2019 6:33 pm

Kotsolis wrote:
Mon Dec 02, 2019 6:27 pm
... I can't find how the spammer is abusing me.
Neither can we.

See also
darb wrote:
Mon Nov 25, 2019 12:14 pm
[Information about the FPA] how to find [and use] it https://forumpostassistant.github.io/docs/
https://www.kuneze.com/blog
“If you think I’m wrong then say, ‘I think you’re wrong.’ If you say ‘You’re wrong!’, how do you know?” :)


Post Reply

Return to “Security in Joomla! 3.x”