Relay Spam
greencrescent - September 24, 2009 - 02:57
| Project: | Webform |
| Version: | 6.x-2.7 |
| Component: | Miscellaneous |
| Category: | support request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | closed |
Jump to:
Description
My apologies if this is not the best spot to ask the question, but is anyone else experiencing problems with relay spam, that is, spammers using the form and associated email addresses to send spam to other people using webform? (I'm not referring to incoming spam). I'm getting a lot of messages back lately such as spam rejections, out of office replies, bounce backs, etc. to the unique email address that I use for the webform submissions. Of course, it could be that someone just happens to be using that email as the sender without relaying via webform, but I wanted to know if anyone had had a problem with this sort of thing? I'm using the most recent version of webform and it doesn't appear that I've been hacked.
Thanks
#1
The only way Webform can be used to relay spam is if it has been configured to send e-mails to the value of a textfield (such as if the user enters their e-mail address to receive a receipt). However even with option, it is impossible to send to more than one address at a time, since Webform cleans all e-mail addresses to ensure that it can only send to one user at a time.
If a determined spammer was entering in individual addresses and reloading the page repeatedly, I'd suggest either putting a submission limit on your form (2 per hour or something) or installing Captcha module to require users to enter a captcha before submitting. Using both mechanisms isn't a bad idea either.
#2
Automatically closed -- issue fixed for 2 weeks with no activity.