Domain
Find Your Domain
AfterMarket
Manage Your Portfolio
Auctions
Domain
Find Your Domain
Aftermarket
Manage Your Portfolio
Auctions
Support
Domains
Aftermarket
Support
Download the app: ![]()
![]()
Copyright © 2002-2024 Dynadot LLC. All rights reserved.
Back
Are you sure you want to close the chat?Chat will be closed and the chat history will be cleared.
continue to sign out,or stay on chat.
To review this chat session please click this windows.Chat Online
Chat Online0
Support
Forum
A place for Dynadot and community experts alike to ask questions, share ideas, and more.
2/16/2007 11:58
I received this email from Dynadot:
------------------------------
We have received several spam complaints for the domain, *******.com. Please stop sending spam immediately. If we receive any more complaints, we will have to disable your account.
Feel free to contact us if you require further assistance.
Best Regards,
Dynadot Staff
------------------------------
I replied this morning with this email:
------------------------------
There is ONE email account for *******.com, and it is soley used by my Invision Power Board forum for an automated email validation check. HOW on earth could these "complaints" be legitimate?
What can I do to stop this?
------------------------------
Was "[email protected]" the proper address to reply to?
Will Dynadot provide copies of any complaints?
What can I do to satisfy Dynadot that the complaints are false?
Thanks,
Rick
------------------------------
We have received several spam complaints for the domain, *******.com. Please stop sending spam immediately. If we receive any more complaints, we will have to disable your account.
Feel free to contact us if you require further assistance.
Best Regards,
Dynadot Staff
------------------------------
I replied this morning with this email:
------------------------------
There is ONE email account for *******.com, and it is soley used by my Invision Power Board forum for an automated email validation check. HOW on earth could these "complaints" be legitimate?
What can I do to stop this?
------------------------------
Was "[email protected]" the proper address to reply to?
Will Dynadot provide copies of any complaints?
What can I do to satisfy Dynadot that the complaints are false?
Thanks,
Rick
2/19/2007 05:51
I would say, though. Which would you prefer:
1) A light hearted email saying that a complaint has been made on a account / domain you own.
2) A 'A heavy handed letter'.
3) Nothing.
With option 1, the chance are you would over-look it, do nothing. The consequences could be; a closed hosting account, your domain being identified as a spam domain, unhappy people all round.
Option 2. You take it seriously, investigate the matter, identify the problem and rectify it.
Option 3. You wake up one day and find your account closed, website gone, and no communication.
At least with option 2, you realise what can happen if you do nothing, but, at least with approach from dynadot, the option to rectify the situation is available.
1) A light hearted email saying that a complaint has been made on a account / domain you own.
2) A 'A heavy handed letter'.
3) Nothing.
With option 1, the chance are you would over-look it, do nothing. The consequences could be; a closed hosting account, your domain being identified as a spam domain, unhappy people all round.
Option 2. You take it seriously, investigate the matter, identify the problem and rectify it.
Option 3. You wake up one day and find your account closed, website gone, and no communication.
At least with option 2, you realise what can happen if you do nothing, but, at least with approach from dynadot, the option to rectify the situation is available.
2/19/2007 07:47
4) A respectful letter informing me that a spam complaint has been reported, accompanied with a copy of the complaint and a copy of the spam. Also, a realistic time frame in which to respond before action will take place.
Further, it would be nice if there was an auto-response as soon as one replies to Dynadot's initial accusation. As it is, one doesn't know if they've received your reply.
All this is reasonable, IMHO.
Rick
Further, it would be nice if there was an auto-response as soon as one replies to Dynadot's initial accusation. As it is, one doesn't know if they've received your reply.
All this is reasonable, IMHO.
Rick
2/22/2007 01:24
This looks like an E-mail injection exloit.
Check this link to understand what it's all about:
http://www.securephpwiki.com/index.php/Email_Injection
You most likely have a vulnerable PHP form on your site.
Probably the member was not even aware.
Check this link to understand what it's all about:
http://www.securephpwiki.com/index.php/Email_Injection
You most likely have a vulnerable PHP form on your site.
Probably the member was not even aware.
2/22/2007 09:31
We are going to modify our spam complaint email. Thank you everyone for the feedback.
2/23/2007 20:44
"Probably the member was not even aware."
I confronted him directly and he admitted to making a false accusation. 'Nuff said.
Thanks Dynadot for your follow-up.
I confronted him directly and he admitted to making a false accusation. 'Nuff said.
Thanks Dynadot for your follow-up.
3/3/2007 09:27
Hi,
I will give you a free tips.
In all your script, search all mail() function.
When your script will send mail, you will have :
mail($adresse,$sujet,$texte,$from))
You can do better :
[code]
if (mail($adresse,$sujet,$texte,$from))
{
$time_in = date("d.m.y::H.m.s");
$contenu = "\n\n==========".$time_in." **** IP : ".$_SERVER['REMOTE_ADDR']."==========\n";
$contenu .= $adresse."\n".$sujet."\n".$texte."\n".$from;
$fp = fopen("./mail/mail.txt","a");
fwrite($fp,$contenu);
fclose($fp);
echo "Votre message a bien été envoyé";
}
[/code]
Create one folder "mail" (chmod 777), with one file mail.txt (chmod 666), and place one .htaccess file in a main of mail folder, with this instruction "deny from all"
When one person will send a mail with your site, you will have a copy in a mail.txt file.
If you see it's not you or your member who have send, you know you have one spammer who use your script.
It's not for a security, it's just for know all email will be send with your script.
Verify per moment if spammer don't send mail
(Sorry for my bad english)
I will give you a free tips.
In all your script, search all mail() function.
When your script will send mail, you will have :
mail($adresse,$sujet,$texte,$from))
You can do better :
[code]
if (mail($adresse,$sujet,$texte,$from))
{
$time_in = date("d.m.y::H.m.s");
$contenu = "\n\n==========".$time_in." **** IP : ".$_SERVER['REMOTE_ADDR']."==========\n";
$contenu .= $adresse."\n".$sujet."\n".$texte."\n".$from;
$fp = fopen("./mail/mail.txt","a");
fwrite($fp,$contenu);
fclose($fp);
echo "Votre message a bien été envoyé";
}
[/code]
Create one folder "mail" (chmod 777), with one file mail.txt (chmod 666), and place one .htaccess file in a main of mail folder, with this instruction "deny from all"
When one person will send a mail with your site, you will have a copy in a mail.txt file.
If you see it's not you or your member who have send, you know you have one spammer who use your script.
It's not for a security, it's just for know all email will be send with your script.
Verify per moment if spammer don't send mail
(Sorry for my bad english)
3/22/2007 11:58
Hi,
Could you expain that more clearly for me how to do this, or better still would you be prepared to modify some forum scripts to prevent this? ($) Using phpbb 2.x.x
I set up a forum last week, and a lot of spam has been sent via the forum (I think), I would welcome any help to solve this as it's using up a lot resources, it wasn't as simple to rectify as I first thought.
Thanks
[This post has been edited by b_t_chichester_gb on Mar 22, 2007 10:25pm.]
Could you expain that more clearly for me how to do this, or better still would you be prepared to modify some forum scripts to prevent this? ($) Using phpbb 2.x.x
I set up a forum last week, and a lot of spam has been sent via the forum (I think), I would welcome any help to solve this as it's using up a lot resources, it wasn't as simple to rectify as I first thought.
Thanks
[This post has been edited by b_t_chichester_gb on Mar 22, 2007 10:25pm.]
3/25/2007 19:09
Dynadot,
Could you explain how you think it is fair to suspend your PAYING customer's domain from spam complaints from a single person...
Could you explain how you think it is fair to suspend your PAYING customer's domain from spam complaints from a single person...
3/26/2007 21:01
Sorted
[This post has been edited by b_t_chichester_gb on Mar 26, 2007 9:12pm.]
[This post has been edited by b_t_chichester_gb on Mar 26, 2007 9:12pm.]
3/27/2007 11:22
I don't believe we suspended the domain in this case. We were able to resolve the complaint with our customer without disrupting his website.
It states very clearly in our service agreement that we don't allow our services to be used for sending spam. What are we doing that is not fair?
It states very clearly in our service agreement that we don't allow our services to be used for sending spam. What are we doing that is not fair?
Newsletter sign-up
Download the app:![]()
![]()
Copyright © 2002-2024 Dynadot Inc. All rights reserved.
Newsletter sign-up
Download the app:![]()
![]()
Copyright © 2002-2024 Dynadot Inc. All rights reserved.