Jump to content

How stop ticket spammer !!!!


nimafire

Recommended Posts

Hey

its near 1 week we have weird ticket that opens 3 times per day

i have attach today ticket:

ive check mailbox and these arent import by email, no email regard this receive in inbox and spam box

we have google captcha, ive also change it to whmc default type and nothing change

blocks ender isnt work and nothing block by whmcs

i cant find anything about these in whmcs activity log

spam.jpg

Link to comment
Share on other sites

Generally the email import grabs the message and deletes the copy on the server (if using POP import). If using the pipe method, it isn't stored on the mail server at all. I'd say your thought that they're visiting the page is correct, if it's not in the WHMCS mail import log. 

How do you know they're bypassing the Captcha, just because of the odd subjects and so on? If you have access, you might want to look through the server logs and find out who is hitting that form to submit, and see if that's something you can block.

Link to comment
Share on other sites

On 11/29/2019 at 12:53 PM, nimafire said:

no nothing,

also no email store in inbox of account

seems it opens via system, like bypass capctcha

I had a similar issue a couple weeks ago the tickets weren't coming in via email I searched every log and blocked every sender, the entire TLD (.ru) tickets kept coming. I finally blocked the IP and it stopped immediately. 

Link to comment
Share on other sites

these emails are not import by email, ive stop any piping and also remove email account from server, still receive these tickets.

these are sent from different ip and domain however ive block entire .ru domain in the past,

im think are they bypass captcha or theme code to send these tickets?

Link to comment
Share on other sites

6 hours ago, nimafire said:

these emails are not import by email, ive stop any piping and also remove email account from server, still receive these tickets.

if piping is now disabled, and therefore clients need to come to the site to open a ticket, why not make the support departments client only - that means, that the user will need to login to open a ticket... which these spammers should be unable to do.

6 hours ago, nimafire said:

im think are they bypass captcha or theme code to send these tickets?

it's not impossible to bypass google captcha - there are plugins available to do that and I tried them on a v7.7 (or maybe v7.6) dev earlier in the year, and I could bypass it... the same probably applies to invisible v3 too - you could try switching the site to use v3 inviable instead and see if that makes any difference (i'm assuming you're still using the old v2 "not a robot" checkbox reCAPTCHA option).

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated