WHMCS Ticket Spam Control *AKISMET* (Need Beta Testers)

[HawtDogFlvrwtr]

We (The-Ratpack.com) are finishing up a new addon that integrates AKISMET spam detection into the WHMCS ticketing system. The addon will work in concert with your email spam filter, but will primarily be used for bots that visit your site and fill out support requests with bogus information.

 

So far the addon is working as it should and marking spam appropriately.

The final version will allow users to select if they want to just delete the messages, create a custom subject prefix for detected spam, let users mark undetected messages as spam, mark spam messages as ham if they aren't spam. (All of which are reported back to AKISMET).

 

With that said, I need 10 beta testers that currently get a high number of spam messages in there ticketing system, that want a bit of reprieve.

 

If you are interested, please respond back to this thread. I will be selecting the first 10 responses.

 

Respectfully,

Chris

[easyhosting]

AKISMET is a forum anti spam plugin primarly used in wordpress.

But i am willing to beta test this to see if it works in WHMCS

[Daniel]

AKISMET is a forum anti spam plugin primarly used in wordpress.

 

And your point is?

[HawtDogFlvrwtr]

It is, but you are receiving the same types of messages as spam within tickets so the method still applies. You also receive the required fields of, IP, Name, Email, Subject, Message. so really, it was just a matter of integrating it within WHMCS. Honestly, It works much better than we expected which is why we decided to package it as an addon for others to use.

[easyhosting]

And your point is?

 

i was just mentioning the primary function of AKISMET as it was primarily designed as a wordpress plugin.

[easyhosting]

It is, but you are receiving the same types of messages as spam within tickets so the method still applies. You also receive the required fields of, IP, Name, Email, Subject, Message. so really, it was just a matter of integrating it within WHMCS. Honestly, It works much better than we expected which is why we decided to package it as an addon for others to use.

 

yes you do have a point.

 

I would like to beta test this

[Ashley.S.]

I'll be happy to test it if you are still looking for testers. I really need something that puts a stop to the nasty tickets being manually submitted without locking out other features (Email Template Editing)

[alesf77]

hi.

 

I'll be happy to test it if you are still looking for testers.

 

regards

[HawtDogFlvrwtr]

So far I have 4 testers. If anyone else is interested, Pleas chime in. Those who have already asked, I will be providing you the addon shortly. I'm in the process of wrapping up beta 3

 

Thanks,

Chir

[markehme]

Getting a bunch of annoying tickets lately, they're the type that are {eval}base64_decode(...){/eval}.

 

I'm in!

[HawtDogFlvrwtr]

Very good, you've been added to the list.

 

Thanks,

Chris

[jainritesh]

I'm also interested, Count me in if you are still lookinf for tester.

 

Thanks,

RJ

[HawtDogFlvrwtr]

Ok, that makes 6. Need 4 more. Also, I will be sending each of you a PM shortly with the beta4 release. This will be the first release that each of you test.

 

 

1.0 BETA 4:

So far this is what we have working:

• The ability to configure it to just delete spam messages automatically
  
• Ability to set a subject prefix on spam detection. (Adds a prefix to the subject if you've told it not to delete them)
  
• Added a "Report Spam" button to the viewticket page. (Please use this so that detection gets better.. THIS IS STILL BUGGY AS HELL!!!!!!!!!)
  

 

What we are going to add in next release(s):

• Adding a "Report Ham" button if you've set the message not to delete and it marks a message as spam incorrectly. This will tell AKISMET that it screwed up.
  
• Add licensing functionality (BETA TESTERS WILL KEEP A FREE COPY UPON COMPLETION)
  
• Add an interface to keep old spam messages outside of the ticketing system. This will be used later to report ham messages and also restore tickets that were deleted by accident.
  

 

Known Bugs:

• When viewing a ticket, If you click the "Report Spam" button, it doesn't gray out when already reported.
  
• When viewing a ticket and you click the "Report Spam" button, the subject doesn't update to reflect the prefix addition. This is seen when leaving the ticket.
  
• When viewing a ticket and you click "Report Spam", If you refresh the screen, it will continue to add the prefix to the subject.
  
• If a ticket doesn't have a name or email address assigned to it (VERY UNLIKELY BUT GENERALLY VIA EMAIL PIPING), AKISMET may reject the message. Inherently, the email piping doesn't always provide the original name and email address of the user. I'm working on addressing this issue.
  

Edited July 30, 2012 by HawtDogFlvrwtr

[HawtDogFlvrwtr]

PM's and Emails sent. If you don't have Private messages enabled on this forum, I emailed you the link. Please report back bugs not listed above to this forum.

 

Thanks,

Chris

[HawtDogFlvrwtr]

One more note, If you wish to test if it's working, submit a ticket on your site with the persons name of "viagra-test-123" and any message, and email address and it should mark it as spam. Please note that messages aren't scanned when created from the admin interface. They are only scanned if received via email piping or creation from the page. Also note that if you use one of your real email addresses to test, it WILL flag it as a spam email address in the future.. YOU'VE BEEN WARNED!#%

Edited July 30, 2012 by HawtDogFlvrwtr

[HawtDogFlvrwtr]

1.0 Beta 8 will be released soon (Big jump from BETA 5 as I have been doing a lot of testing in house).

 

Here's what's been added or is working now:

 

• *FIXED* When viewing a ticket, If you click the "Report Spam" button, it doesn't gray out when already reported.
  
• *FIXED* When viewing a ticket and you click the "Report Spam" button, the subject doesn't update to reflect the prefix addition. This is seen when leaving the ticket.
  
• *FIXED* When viewing a ticket and you click "Report Spam", If you refresh the screen, it will continue to add the prefix to the subject.
  
• Add licensing functionality (BETA TESTERS WILL KEEP A FREE COPY UPON COMPLETION)
  
• Added functions other than deleting message. Now you can Close, Delete, or just change the subject. (PER REQUEST)
  
• Began writing reported messages to a table for un-deleting later. This will serve the data to the new interface mentioned above and also helps when determining if a message was already reported.
  
• Added DEBUG mode so you can if things are working as they should. (THIS PRINTS A TON OF INFO TO THE ACTIVITY LOG!!!)
  

 

Here's a preview of the interface for folks that are curious what you can do.

Edited July 31, 2012 by HawtDogFlvrwtr

[HawtDogFlvrwtr]

It doesn't look all that sexy yet, but I wanted to give a sneak preview of the upcoming deleted/spam ticket table for the module. Initially it will show you tickets that were marked as spam even if they were deleted from the regular ticketing system... we keep them in a special table so that you can mark them as ham/restore them later to the ticketing system within WHMCS

 

In near-future beta versions we have a graph displaying the spam received over the year by month(compared to the previous year) and will add the ability to clear the spam tickets, restore them, and mark them as ham. For now though, it's just a view of the tickets.

 

Who knows... we may even make a widget for the admin home screen with statistics on spam related tickets.

 

Edited August 2, 2012 by HawtDogFlvrwtr

[Ashley.S.]

Everything looks great, can't say that I've run into any serious issues running it so far, but I have noticed a few weird happenings with it though

[easyhosting]

Getting a bunch of annoying tickets lately, they're the type that are {eval}base64_decode(...){/eval}.

 

I'm in!

 

these are not spam, these are exploits trying to access your WHMCS admin area. i praise you for not posting the whole exploit, but iof you follow the WHMCS security steps then these will cause no harm

[easyhosting]

all seems fine with my install so far

[HawtDogFlvrwtr]

Everything looks great, can't say that I've run into any serious issues running it so far, but I have noticed a few weird happenings with it though

 

Ashley, can you elaborate on the strange things happening?

[HawtDogFlvrwtr]

these are not spam, these are exploits trying to access your WHMCS admin area. i praise you for not posting the whole exploit, but iof you follow the WHMCS security steps then these will cause no harm

 

nonetheless, this spam tool will block those as they appear as tickets in the system. I believe that's what he's saying. They aren't effecting his install, they are just getting past his filters as mine were.

[Ashley.S.]

Ashley, can you elaborate on the strange things happening?

 

When I was randomly testing, this appeared in the system logs:

 

[TABLE=class: datatable, width: 100%]

[TR]

[TD=bgcolor: #F3F3F3]01/08/2012 16:38[/TD]

[TD=bgcolor: #F3F3F3]

idExists:

[/TD]

[TD=bgcolor: #F3F3F3]{STAFF_USERNAME}[/TD]

[TD=bgcolor: #F3F3F3]{STAFF_IP}[/TD]

[/TR]

[TR]

[TD]01/08/2012 16:34[/TD]

[TD]

idExists:

[/TD]

[TD]{STAFF_USERNAME}[/TD]

[TD]{STAFF_IP}[/TD]

[/TR]

[/TABLE]

 

So no idea what that was about, unless it was something to do with the debug (I think I enabled it at some point, can't remember)

 

Also, if one ticket already had the *** POSSIBLE SPAM *** added to the ticket subject, as more replies came in to that ticket, it would continue to add it, surely only adding it once would be enough to know that the ticket is possibly SPAM???

 

Other than that, all seems to be well

[HawtDogFlvrwtr]

When I was randomly testing, this appeared in the system logs:

 

[TABLE=class: datatable, width: 100%]

[TR]

[TD=bgcolor: #F3F3F3]01/08/2012 16:38[/TD]

[TD=bgcolor: #F3F3F3]

idExists:

[/TD]

[TD=bgcolor: #F3F3F3]{STAFF_USERNAME}[/TD]

[TD=bgcolor: #F3F3F3]{STAFF_IP}[/TD]

[/TR]

[TR]

[TD]01/08/2012 16:34[/TD]

[TD]

idExists:

[/TD]

[TD]{STAFF_USERNAME}[/TD]

[TD]{STAFF_IP}[/TD]

[/TR]

[/TABLE]

 

So no idea what that was about, unless it was something to do with the debug (I think I enabled it at some point, can't remember)

 

Also, if one ticket already had the *** POSSIBLE SPAM *** added to the ticket subject, as more replies came in to that ticket, it would continue to add it, surely only adding it once would be enough to know that the ticket is possibly SPAM???

 

Other than that, all seems to be well

 

The idExists: piece is mine but the staff_username and staff_ip i'm unfamiliair with. I put idexists as an activitylog entry but forgot to remove it.

 

As for the *** POSSIBLE SPAM *** piece, that's weird as it shouldn't be doing it upon reply. I'm using the TicketOpen hook and the TicketUserReply hook is completely seperate. Are you sure it didn't happen when you marked the ticket as spam in the beta 4 version? That version had a bug (noted earlier on here) that if you clicked report spam and refreshed the page, it would continue to mark it as spam over and over. I "thought" i fixed this in beta 8.

 

Thanks,

Chris

[Ashley.S.]

The idExists: piece is mine but the staff_username and staff_ip i'm unfamiliair with. I put idexists as an activitylog entry but forgot to remove it.

 

As for the *** POSSIBLE SPAM *** piece, that's weird as it shouldn't be doing it upon reply. I'm using the TicketOpen hook and the TicketUserReply hook is completely seperate. Are you sure it didn't happen when you marked the ticket as spam in the beta 4 version? That version had a bug (noted earlier on here) that if you clicked report spam and refreshed the page, it would continue to mark it as spam over and over. I "thought" i fixed this in beta 8.

 

Thanks,

Chris

 

The STAFF_USERNAME & STAFF_PASSWORD is me removing my username & IP so they are not public, so no issue there. Sorry if I didn't make that clear enough.

 

Thanks for the explanation about the idexists, after that log appeared it did correctly log that I reported a ticket as spam so no issue there.

 

I will check again and re-upload beta8 and see if I can replicate it, although the files do say I'm running beta8 and I uploaded them all together. I'm away on holiday from tonight, so if I don't get chance to do more tests tonight, I'll report back late on Sunday or sometime during Monday.