Jump to content
Sign in to follow this  
Host KH

Exploit? Not sure how to describe this SPAM message.

Recommended Posts

Hello and greetings from a new user to this support. I started out at our host and then was sent here due to third party.

This morning I received an email which seems to me to be SPAM exploit via our WHMCS site.

The email said SPAM message and then at the bottom said:

Get yours: thepodiatrist.online

Thank You,

Tobias
Pre-Sales Contact Us - " removed our support WHMCS Site

Except the from name is NOT a member of our support team.

WHMCS This notification was automatically generated by WHMCS
 removed our domain name and link | log in to the admin area  link removed.

Sorry, not sure how to best explain this. 
I was sent here (to this community community) from our host  InMotion Hosting because the problem mail said "This notification was automatically generated by WHMCS".
Can anyone help me: explain what this is called and perhaps offer a fix?
Thank you.

Share this post


Link to post
Share on other sites

Hello @Host KH

Do you have the Pre-Sales Contact form set to forward to an email address? This notification looks to be that someone used your Pre-Sales Contact form to send you spam email. https://docs.whmcs.com/Spam_Control  provides some steps for introducing SPAM Filtering into your system. 

Share this post


Link to post
Share on other sites

Thank you so much for the link Christopher - I will need to look more into that link today.

Previously, I found and used this "Email Sending Disabled: Email sending is disabled which means no outgoing mail will be delivered. You can re-enable email in Configuration > General Settings > Mail." Which should work for us well enough. We really don't need any mail with the rest of the world.  We only use WHMCS internally, we are not traditional web host and don't need the rest of the world.

Re: Do you have the Pre-Sales Contact form set to forward to an email address?
Not sure, I need to find it first to learn more about that.
I am guessing I do have that forwarding on now, else I would never have seen it?

Technically, I know I should just get a better understanding of the whole picture though. I will try to do that today.

<hmmm ... I still like my other setting to block all the sending... >
I think I will leave it as that for now. -> or perhaps build exceptions that are allowed to receive?

I don't know for now, let me think about t some more, to see what would work best for all, in most common situations.

Here is what I have for now. let's see what happens now. 2 entire phrases are now blocked.

Greatly appreciate your help.

screenshot-2021.08.01-10_53_54.png

Share this post


Link to post
Share on other sites

Yes, I agree with this - seems to be a good idea with me.

So, now have implemented reCAPTCHA too.

Maybe. that will also help us too. We do not have much SPAM but  nonetheless, it is still quite annoying when it happens.

To find and use it I went to "General Settings" -> then "Security" tab to find "Captcha Form Submission" and then I chose "reCAPTCHA v2 (Google's reCAPTCHA system)"

Great tool, let's see what happens now.

Thanks

 

 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated