Jump to content

Support Center Spam


xxkylexx

Recommended Posts

  • WHMCS CEO

We get a lot of spam tickets on ours too. It's pretty difficult to protect against though, the from address is always different and a simple word filter could mean a lot of valid tickets get filtered out. Not sure what the best way around it is.

 

Matt

Link to comment
Share on other sites

Hey,

 

I posted thie before, but I think MySQL got restored but anyways.

 

--

We get around 150 spam emails per day. So 5-10 your lucky :) I don't use WHMCS for my support software but Kayako's eSupport.

 

Kayako has three different ways of handling spam which I think WHMCS should also have.

 

1) Verified emails will be sent to the database. Meaning, if a user sends an email/ticket to support[at]domain.com from customer[at]yahoo.com an email will be sent out to customer[at]yahoo.com to verified his or her email. Once they have verified this email the ticket will be opened.

 

2) Web Form request will only be allowed. Meaning, customers will only be able to ask for help via a web form. This only happens when they first open a ticket. Later on they will be able to reply to this both the web and email.

 

3) Block emails. If you are getting emails from a user at spam[at]spam.org you will be able to block the email from coming in. You will also be able to block any words in the subject or body of the message. (I wouldn't recommend this as it could block a client email)

 

What I like to do, is have none of these options turned on. Sometimes clients get confused about the whole deal or the spam filter catches the wrong email or we hit the wrong button. So I just let the spam come and just do a batch deleted on all spam emails.

 

What you can also do is, instead of putting support[at]domain.com you can use an image that will fit with the rest of your websites. This way, when bots go to your site they see an image and not an email address.

 

From,

Adam

Link to comment
Share on other sites

I always just encrypt any email addresses on a website using MD5, this allows users to see the email address and use them, but not spyders. I also have all mail servers tweaked pretty well for spam filtering, so myself or my clients rarely receive spam. These two things make a huge difference when combating spam in general and of course includes spam support tickets as well.

 

I do think Adams requests are good, I guess I am just lucky I dont need them. =P

Link to comment
Share on other sites

  • 3 weeks later...

One thing I've found helpful is use non-general email addresses... sales@... and info@... are heavily spammed (just as bob@ and mary@ etc.) simply because it's a generic name that is likely to exist. (Don't believe me, take a look at your mail log - at some point you will see failures for users who don't exist - I've seen peaks of 200-300 failures within a short period of time for random names on a mailserver with a popular domain but only a handful of actual users)

 

I also never actually list the email address anywhere online to be harvested (unless somehow encrypted, or in an image, etc. but even then I don't trust it to keep the address safe) I offer contact forms which do not contain the email address anywhere in the HTML, only passing an ID number which is then matched via PHP script to an email address.

 

Once the customer has the email address from my reply, I don't mind them emailing it directly - I just don't want it visible via the web. With this you also run the risk of scaring people off because they can't find an actual email address, so you have to try and ensure their ability to contact you via a web based form.

 

So creating SalesDeptContact@MyCompany.com will likely prevent "common name" spam, and not having it listed on the website in "plain text" form will help prevent it from being harvested. Also, don't link to your email address - making a mailto: link and changing the text of the link to "email us" doesn't help as the email address is still in plain text in the link. On websites where I felt it absolutely necessary to show an email address, I've done just that - shown an image containing the text of the email address and not linked, or linked to the contact form.

Link to comment
Share on other sites

Adam's option 1 sounds like a good idea which should be implementable in WHMCS.

What do you think, Matt?

 

This sounds like a nice idea, but I've previously had a support system with that functionality and it was more annoying to my customers and I had to change because I couldn't turn it off...

 

I wouldn't mind having the ability to require user registration for support tickets - as long as I can turn it off and revert back to the original functionality if needed.

Link to comment
Share on other sites

  • WHMCS CEO
Adam's option 1 sounds like a good idea which should be implementable in WHMCS.

What do you think, Matt?

 

I also think requiring users to confirm their ticket submissions before it actually being submitted is a bad idea. The confirmation email could easily end up in a users junk folder and then as far as the client is concerned they have emailed you but you will never actually get the email.

 

Spam is a problem, no doubt, but there's not a lot you can do about it. Two features I am planning on adding to help combat the issue are:

 

1. Only allow registered customers to open tickets by email (option to enable/disable)

 

2. Keyword blocking in subject and message

 

Matt

Link to comment
Share on other sites

Adam's option 1 sounds like a good idea which should be implementable in WHMCS.

What do you think, Matt?

I also think requiring users to confirm their ticket submissions before it actually being submitted is a bad idea. The confirmation email could easily end up in a users junk folder and then as far as the client is concerned they have emailed you but you will never actually get the email.

 

Hey,

 

Me too, hence the reason I don't use any of the options I said above. I would rather deal with spam and make sure all my clients get the emails rather then do less work but clients not getting emails...

 

From,

Adam

Link to comment
Share on other sites

  • 3 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated