Mobile app version of vmapp.org
Login or Join
Si4351233

: Could we get blacklisted somewhere when our "register" form is abused? I am on the board of a small sports club. None of us is a professional web master or administrator. A hobbyist club member

@Si4351233

Posted in: #Blacklist #Botattack

I am on the board of a small sports club. None of us is a professional web master or administrator. A hobbyist club member works as our webmaster in his free time, and none of us knows what to make of the current situation.

We have a forum, which requires registration. Our system automatically answers with a "please click this link to confirm registration" mail. In the last weeks, we got bombarded with both e-mail spam and attempts to register nonsense accounts on the forum. It seems that these were so many that our automated mails fail.

Is there cause for concern here? Can we get blacklisted somewhere because our server is spewing out so many mails in reaction to the illegal registration attempts? Should we be taking action, and what can we do?




This is the mail system at host [redacted; it is always the same].

I'm sorry to have to inform you that your message could not be
delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can delete your
own text from the attached returned message.

The mail system

: host mail.mailsdfsdf.com[5.61.38.11] refused
to talk
to me: 421 Too many concurrent SMTP connections; please try again later.

Reporting-MTA: dns; [redacted] X-Postfix-Queue-ID:
97EA5723478 X-Postfix-Sender: rfc822; [our mail address] Arrival-Date:
Wed, 28 Oct 2015 12:56:04 +0100 (CET)

Final-Recipient: rfc822; urukef@mailsdfsdf.com Action: failed Status:
4.0.0 Remote-MTA: dns; mail.mailsdfsdf.com Diagnostic-Code: smtp; 421 Too many concurrent SMTP connections; please try
again later.

10.02% popularity Vote Up Vote Down


Login to follow query

More posts by @Si4351233

2 Comments

Sorted by latest first Latest Oldest Best

 

@Nimeshi995

Any website, or any server that sends a huge volume of emails runs the risk of their IP or domain being added to email blacklists. Also, similar, or exact emails are higher on the risk factor, especially when it comes to 'MASS' public email addresses such as:

@yahoo .com @gmail .com @hotmail .com @aol .com


You can find out if your server IP or domain has been added to the email blacklists but it should also be noted that it is believed that email providers will often use a range of features to determine if the sender is spam, for example Google is believed to run their own spam algorithm and use their own internal database, its impossible to check this other than sending emails to their service and monitoring the results.

Your biggest concern right now should be to address automated signup spam. I wrote an article eons ago about WordPress having similar issues and you should be able to use the same information for your forum, or least some parts of it, I recommend:


SOURCE

Captcha Service

One of the easiest ways to prevent spam is to use a Captcha service;
sadly they aren’t bot proof as there are many online services that
will crack the code for as low as 0.01USD each. But, it does stop the
majority, only the best spammers will get through.

I highly recommend Google reCAPTCHA and there is even a WordPress
reCAPTCHA plugin which should make installing this service easier.

Bait for Spammers

A more advanced method to block spammers within WordPress is to setup
bait for spammers, AKA honeypots. This involves setting up a form that
only spammers will see and any attempt to fill in that form will
result in a comment post rejection. This sounds complex but thanks to
WP Spam Fighter this method is made easy.


To extend onto that even further to prevent this recurring you should research into the following:


Captcha Service (some work better than others)
Form Honey Pots
Footprint Removal (Content Management System footprints removal of powered by ppBB etc)
Request restrictions (denied users who request registration page too fast, too often using something like fail2ban)
There's many more methods that you can find on Google.

10% popularity Vote Up Vote Down


 

@Angela700

In regard to your automated emails failing, these spammer email addresses used for the fake registrations often bounce because they either don't exist or quickly become full, or are flagged as spammer addresses - for this reason your server will have a high rate of bounced emails. This will affect the mail reputation of your server and will in turn degrade the deliverability of emails from your server. So yes, this is cause for concern.

If you are getting bombarded with email spam it is very likely that you do not have any email submission protection on your site.

The first and most important thing to do is to add something which ensures that bots cannot submit fake registrations. The most common solution available, but not the only one, is Google Recaptcha.

Depending on what technology is driving your website, you may already have inbuilt options for this. If not, there are extensions for all major Content Management System platforms (such as Wordpress, Joomla, Drupal etc.) that you can easily add, or if it is a pure HTML site you can copy the code from Google's Recaptcha site and install it directly on your contact/registration pages.

After solving this issue I would also recommend that you ask your webmaster to look into using an external mail delivery service (STMP) such as sendgrid.com which will ensure a high delivery rate for your outgoing server emails (they will require that you keep a good mail reputation though). Different methods are necessary for setting up your site or server to delivery mail through an external SMTP service so it is beyond the scope of this answer to address that here.

10% popularity Vote Up Vote Down


Back to top | Use Dark Theme