1 Jan 31, 2009 00:50

My b2evolution Version: 2.x

Yesterday I noticed that spammers were sending email spam via the mail system on my b2e blog. I installed the turing test plugin and figured that will stop the problem. But, as an added precaution, could I also modify .htaccess to block direct attempts to send emails?

Like:

RewriteEngine On
# Forbid only when BOTH conditions hold: the Referer does not start with this site's URL
# ([NC] = case-insensitive; a request with no Referer header at all also fails this match) ...
RewriteCond %{HTTP_REFERER} !^http://www\.markcassino\.com/.*$ [NC]
# ... and the request path (query string excluded) ends in message_send.php
RewriteCond %{REQUEST_URI} ^.*message_send\.php$
# Then answer 403 Forbidden instead of running the script
RewriteRule .* - [F]

Would this work? I don't know much about .htaccess and I'm not even 100% sure that message_send.php is the file that bots would be accessing to send emails, so I'm not sure if this would do the trick. (I just modified the code that blocks direct access to the comment_post.php file, which was posted here some time ago.)

Thanks in advance -

MCC

2 Feb 02, 2009 08:03

looks like it would

But I'm kinda confused about what you mean when you say "direct attempt to send message", please elaborate.

3 Feb 02, 2009 13:52

Thanks.

By "direct access" I mean where a bot is directly calling the routine to send email messages (presumably message_send.php), inserting its spam, and sending. That's opposed to where a user clicks on the message send link within a page on the site. The intent of the .htaccess entry would be to block direct access to message_send.php when it is not called from a link within the site. So that would only allow it to be accessed if it is called up from a link within the site.

I'm seeing a rise in the number of attempts to send email through my blog. Looking through the "Direct B-Hits" tab in the stats section I found one IP address yesterday hitting the "send an email message" screen 12 times in the course of about 2 minutes. Not a huge number of accesses, but it's clearly a bot and an organized attempt at an exploit. I expect the turing test is stopping the actual sending of messages.

The problem with email spam is that you may not even know your site is doing it, since unlike comment spam you don't see it happening unless an email is directed to you. I started looking into this after I received an email from my own blog pitching pharm stuff. And I guess if a site sends enough email spam it risks being blacklisted by SORBS or Spamhaus or whoever.

The antispam keywords also seem to apply to blog emails, so there is also that level of protection. I'm figuring though that the .htaccess approach might block a few more attempts.

Thanks - I'll make that change to .htaccess and see what happens.
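As an added example (not code from b2evolution or from either poster), the following Python script models the posted Referer rule offline and runs a burst detector of the kind that would have surfaced the "12 hits in 2 minutes" pattern from the first post's stats tab, over Apache combined-format log lines. The site URL is the one in the posted rule; the /htsrv/message_send.php path, the IP addresses, the timestamps and the log lines themselves are constructed assumptions for the demonstration.

```python
"""Offline model of the Referer-based mod_rewrite rule plus a per-IP burst
detector over Apache combined-format access-log lines.  Added example, not
b2evolution code.  The site URL is the one from the posted rule; the request
path, IPs, timestamps and log lines are constructed (assumed) sample data."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Same patterns as the two RewriteCond lines in the post ([NC] -> IGNORECASE).
SITE_REFERER = re.compile(r"^http://www\.markcassino\.com/.*$", re.IGNORECASE)
TARGET = re.compile(r"^.*message_send\.php$")

# Apache "combined" log format: ip ident user [ts] "req" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "[^"]*"$'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line):
    m = LOG_RE.match(line)
    if not m:
        raise ValueError("unrecognised log line: " + line)
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], TS_FMT)
    rec["referer"] = "" if rec["referer"] == "-" else rec["referer"]  # "-" = header absent
    return rec


def rule_blocks(path, referer):
    """Mirror the mod_rewrite logic: 403 when the request is for message_send.php
    AND the Referer does not match the site.  %{REQUEST_URI} carries no query
    string, so strip it first.  Two properties of this rule worth knowing: an
    EMPTY Referer (privacy proxy, header-stripping browser settings) fails the
    match and is blocked too, and a bot that sends a forged same-site Referer is
    let through, because the header is entirely client-controlled."""
    uri = path.split("?", 1)[0]
    return bool(TARGET.match(uri)) and not SITE_REFERER.match(referer)


def find_bursts(records, threshold=10, window=timedelta(minutes=2)):
    """Return {ip: peak hits on message_send.php inside any `window`} for IPs
    whose peak reaches `threshold` -- the pattern the poster saw in the stats."""
    by_ip = defaultdict(list)
    for r in records:
        if TARGET.match(r["path"].split("?", 1)[0]):
            by_ip[r["ip"]].append(r["ts"])
    bursts = {}
    for ip, stamps in by_ip.items():
        recent, peak = deque(), 0
        for ts in sorted(stamps):            # sliding window over sorted timestamps
            recent.append(ts)
            while ts - recent[0] > window:
                recent.popleft()
            peak = max(peak, len(recent))
        if peak >= threshold:
            bursts[ip] = peak
    return bursts


def classify(lines):
    """Apply the rule to every line; returns (blocked, allowed, bursts)."""
    records = [parse_line(l) for l in lines]
    blocked = sum(rule_blocks(r["path"], r["referer"]) for r in records)
    return blocked, len(records) - blocked, find_bursts(records)


# ---- constructed sample log (assumed paths/IPs, not real traffic) ---------
def make_line(ip, ts, path, referer):
    return (f'{ip} - - [{ts.strftime(TS_FMT)}] "POST {path} HTTP/1.1" 200 512 '
            f'"{referer}" "Mozilla/5.0"')

T0 = datetime.strptime("31/Jan/2009:14:00:00 -0500", TS_FMT)
SAMPLE_LOG = [
    # a reader who followed the site's own "send message" link: allowed
    make_line("198.51.100.20", T0, "/htsrv/message_send.php", "http://www.markcassino.com/index.php"),
    # a reader behind a Referer-stripping proxy: collateral damage, blocked
    make_line("198.51.100.21", T0 + timedelta(seconds=30), "/htsrv/message_send.php", "-"),
    # a reader loading the home page: not the target script, allowed
    make_line("198.51.100.22", T0 + timedelta(seconds=45), "/index.php", "-"),
] + [
    # a bot posting to the mail form 12 times in under two minutes, no Referer
    make_line("203.0.113.7", T0 + timedelta(seconds=10 * i), "/htsrv/message_send.php?blog=1", "-")
    for i in range(12)
]

if __name__ == "__main__":
    blocked, allowed, bursts = classify(SAMPLE_LOG)
    print(f"blocked={blocked} allowed={allowed} bursts={bursts}")
```

Running it against the constructed log shows both sides of the rule at once: the 12 bot requests are refused, but so is the proxied reader with no Referer, while a bot that copied the site's own URL into the header would pass. The burst detector is independent of the Referer and is what you would run over the real access log (or feed into a ban list) to catch the spoofing case.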