[email protected] - how to block?

[AndyCZ]

For last few months I receiveing messages from address [email protected] through my presta contact form, total about 15 messages in one minute almost the same with adverts.

 

I implemented Captcha  but this doesn't really prevent this messages come.

 

I block the IP in my .htaccess file but any time it come from different IPs.

Order Deny,Allow
Deny from 68.180.228.
Deny from 178.238.228.
Deny from 212.7.220.
Deny from 207.46.13.
Deny from 98.138.112.38
Deny from 98.136.216.26
Deny from 98.138.112.33
allow from all
 

E-mail from customer: [email protected]

Message from customer: tiffany pas cher et bijoux co

tiffany bijoux

[b][url=http://www.tiffanyandring.org/fr/]tiffany blue[/url][/b] | [b]tiffany blue[/b] | [b][url=http://www.tiffanyandring.org/fr/]sortie tiffany[/url][/b]
Tiffany Sets: , tiffany outlet 2014.com
US Dollar
[url=http://www.tiffanyandring.org/fr/tiffany-co-charms-c-4.html]Tiffany & Co Charms[/url]
[url=http://www.tiffanyandring.org/fr/tiffany-co-boutons-de-manchette-c-5.html]Tiffany & Co Boutons de manchette[/url]
[url=http://www.tiffanyandring.org/fr/tiffany-co-anneaux-c-9.html]Tiffany & Co Anneaux[/url]
[url=http://www.tiffanyandring.org/fr/tiffany-co-boucles-doreilles-c-6.html]Tiffany & Co Boucles 

This address <[email protected]> not even exists...

<[email protected]>:
98.136.217.202 failed after I sent the message.
Remote host said: 554 delivery error: dd This user doesn't have a yahoo.com account ([email protected]) [0] - mta1329.mail.gq1.yahoo.com

Please advice how to fight?

Edited June 15, 2017 by AndyCZ (see edit history)

[selectshop.at]

By blocking IP's you will not have the result you expect, cause you can send freemails with own SMTP server and there is no need to send mails direct from yahoo account. Furthermore the IP's not necessarily are added to a mailserver, so IP from webspace could be totally different as from the server sending the mails.

 

You can block it on the server on your mail-administration Panel (ask your provider, cuase I don't know what you are using on your server - spam-assassin, or other).

Add *@yahoo.com (with the wildcard) on blacklist.

[AndyCZ]

selectshop.at thanks for your advice!

 

Are you sure that blocking  *@yahoo.com at provider will solve the problem?

 

These emails sent from presta contact form, it came to my mailbox from eshop directly not own SMTP.

 

I can fill the form, type any email and it will send, also returned undelivered (faked email addresses).

 

Thanks.

[selectshop.at]

*@yahoo.com, will block all incoming mails with @yahoo.com BUT as it is possible to camouflage mailadressen by other sender address it could be that you will receive mails with yahoo.com, but in reality coming from other address. You should read the source from the mails and add them also to the blacklist.

 

Edit: search by "(mail)address munging" on the net for the camouflage method.

[AndyCZ]

thanks. Blocked on hosting. will see in month... Let you know.

[AndyCZ]

Did not work. A while ago 10 emails from <[email protected]> in less then one minute.

 

Any other idea?

 

Tomorrow morning further 10 emails.

 

Can I block on contact form type any word "yahoo"?

Edited November 18, 2016 by AndyCZ (see edit history)

[selectshop.at]

Which spam-blocker are you using on your server ? spam-assassin ?

[AndyCZ]

I see on hosting only this

 

But according to wiki it's RoundCube 

Edited June 15, 2017 by AndyCZ (see edit history)

[selectshop.at]

roundCube is not a spam-filter, but a webmail module (for to open your mails also on web, instead only delivering it via http to your local machine)..

Ask your provider for a help on how to configure spam-filtering on your webspace.

[AndyCZ]

thanks for clarifying..

 

Did already. The problem is they sending emails from eshop directly. Robots can pass CATCHPA it's not problem.

Suggestion was to use other CATCHPA module, disable notification emails to customer avoid the domain to get to smam list.

 

Anyway I do not know what to do. The first thing came to my mind is to remove contact form and use third party module.

 

Any other suggestions? Many thanks.  

[selectshop.at]

I doN#t know which filter you are using. There are several. Some of them let you add spam-lists like spam-cop, honeypot, or others. You should use them, cause they are accurate and know all IP's and spam methods and block them. By adding yourself list, you will go old...