xxkylexx Posted October 18, 2006 Share Posted October 18, 2006 Just wondering if you guys have alot of spam piping in to your support center's? Latly I have been getting 5-10 spam tickets per day. Any suggestions on dealing with it? Kyle 0 Quote Link to comment Share on other sites More sharing options...
WHMCS CEO Matt Posted October 18, 2006 WHMCS CEO Share Posted October 18, 2006 We get a lot of spam tickets on ours too. It's pretty difficult to protect against though, the from address is always different and a simple word filter could mean a lot of valid tickets get filtered out. Not sure what the best way around it is. Matt 0 Quote Link to comment Share on other sites More sharing options...
strategy Posted October 18, 2006 Share Posted October 18, 2006 Image verification would help. 0 Quote Link to comment Share on other sites More sharing options...
WHMCS CEO Matt Posted October 18, 2006 WHMCS CEO Share Posted October 18, 2006 No, these tickets are created by email from the email piping. Matt 0 Quote Link to comment Share on other sites More sharing options...
Adam Posted October 19, 2006 Share Posted October 19, 2006 Hey, I posted thie before, but I think MySQL got restored but anyways. -- We get around 150 spam emails per day. So 5-10 your lucky I don't use WHMCS for my support software but Kayako's eSupport. Kayako has three different ways of handling spam which I think WHMCS should also have. 1) Verified emails will be sent to the database. Meaning, if a user sends an email/ticket to support[at]domain.com from customer[at]yahoo.com an email will be sent out to customer[at]yahoo.com to verified his or her email. Once they have verified this email the ticket will be opened. 2) Web Form request will only be allowed. Meaning, customers will only be able to ask for help via a web form. This only happens when they first open a ticket. Later on they will be able to reply to this both the web and email. 3) Block emails. If you are getting emails from a user at spam[at]spam.org you will be able to block the email from coming in. You will also be able to block any words in the subject or body of the message. (I wouldn't recommend this as it could block a client email) What I like to do, is have none of these options turned on. Sometimes clients get confused about the whole deal or the spam filter catches the wrong email or we hit the wrong button. So I just let the spam come and just do a batch deleted on all spam emails. What you can also do is, instead of putting support[at]domain.com you can use an image that will fit with the rest of your websites. This way, when bots go to your site they see an image and not an email address. From, Adam 0 Quote Link to comment Share on other sites More sharing options...
MACscr Posted October 19, 2006 Share Posted October 19, 2006 I always just encrypt any email addresses on a website using MD5, this allows users to see the email address and use them, but not spyders. I also have all mail servers tweaked pretty well for spam filtering, so myself or my clients rarely receive spam. These two things make a huge difference when combating spam in general and of course includes spam support tickets as well. I do think Adams requests are good, I guess I am just lucky I dont need them. =P 0 Quote Link to comment Share on other sites More sharing options...
s1rk3ls Posted November 3, 2006 Share Posted November 3, 2006 One thing I've found helpful is use non-general email addresses... sales@... and info@... are heavily spammed (just as bob@ and mary@ etc.) simply because it's a generic name that is likely to exist. (Don't believe me, take a look at your mail log - at some point you will see failures for users who don't exist - I've seen peaks of 200-300 failures within a short period of time for random names on a mailserver with a popular domain but only a handful of actual users) I also never actually list the email address anywhere online to be harvested (unless somehow encrypted, or in an image, etc. but even then I don't trust it to keep the address safe) I offer contact forms which do not contain the email address anywhere in the HTML, only passing an ID number which is then matched via PHP script to an email address. Once the customer has the email address from my reply, I don't mind them emailing it directly - I just don't want it visible via the web. With this you also run the risk of scaring people off because they can't find an actual email address, so you have to try and ensure their ability to contact you via a web based form. So creating SalesDeptContact@MyCompany.com will likely prevent "common name" spam, and not having it listed on the website in "plain text" form will help prevent it from being harvested. Also, don't link to your email address - making a mailto: link and changing the text of the link to "email us" doesn't help as the email address is still in plain text in the link. On websites where I felt it absolutely necessary to show an email address, I've done just that - shown an image containing the text of the email address and not linked, or linked to the contact form. 0 Quote Link to comment Share on other sites More sharing options...
ScarabWeb Posted November 6, 2006 Share Posted November 6, 2006 Adam's option 1 sounds like a good idea which should be implementable in WHMCS. What do you think, Matt? 0 Quote Link to comment Share on other sites More sharing options...
s1rk3ls Posted November 6, 2006 Share Posted November 6, 2006 Adam's option 1 sounds like a good idea which should be implementable in WHMCS.What do you think, Matt? This sounds like a nice idea, but I've previously had a support system with that functionality and it was more annoying to my customers and I had to change because I couldn't turn it off... I wouldn't mind having the ability to require user registration for support tickets - as long as I can turn it off and revert back to the original functionality if needed. 0 Quote Link to comment Share on other sites More sharing options...
WHMCS CEO Matt Posted November 6, 2006 WHMCS CEO Share Posted November 6, 2006 Adam's option 1 sounds like a good idea which should be implementable in WHMCS.What do you think, Matt? I also think requiring users to confirm their ticket submissions before it actually being submitted is a bad idea. The confirmation email could easily end up in a users junk folder and then as far as the client is concerned they have emailed you but you will never actually get the email. Spam is a problem, no doubt, but there's not a lot you can do about it. Two features I am planning on adding to help combat the issue are: 1. Only allow registered customers to open tickets by email (option to enable/disable) 2. Keyword blocking in subject and message Matt 0 Quote Link to comment Share on other sites More sharing options...
Adam Posted November 7, 2006 Share Posted November 7, 2006 Adam's option 1 sounds like a good idea which should be implementable in WHMCS.What do you think, Matt? I also think requiring users to confirm their ticket submissions before it actually being submitted is a bad idea. The confirmation email could easily end up in a users junk folder and then as far as the client is concerned they have emailed you but you will never actually get the email. Hey, Me too, hence the reason I don't use any of the options I said above. I would rather deal with spam and make sure all my clients get the emails rather then do less work but clients not getting emails... From, Adam 0 Quote Link to comment Share on other sites More sharing options...
Blueberry3.14 Posted November 28, 2006 Share Posted November 28, 2006 Try installing MailScanner. http://www.mailscanner.info/ When combined with SpamAssassin, ClamAV, DCC and Razor, it kicks butt against spam. 80-85% of the email traffic that arrives on my server is spam, yet very, very little ever filters through to my email addresses or any of the clients. If I get 3 a week that's a lot. 0 Quote Link to comment Share on other sites More sharing options...
MACscr Posted November 28, 2006 Share Posted November 28, 2006 thanks for the tip about DCC and Razor. Going to have to look at my setup to see if its taking advantage of the two. 0 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.