• F
    User Attivo

    Blocco siti "portatori di spam"

    Non so se puo essere utile e se questa sia la sezione giusta. Vi incollo il mio .htaccess con l'elenco dei siti "spammosi" che ho trovato fin d'ora. Sono riuscito a ridurre di molto l'arrivo di email spazzatura dai form del mio portale.

    <Limit GET>
    order allow,deny
    deny from 125.90.64.69
    deny from 195.225.177.14
    deny from 195.225.177.46
    deny from 200.88.223.98
    deny from 202.7.166.163
    deny from 202.91.9.6
    deny from 203.201.252.148
    deny from 203.37.232.249
    deny from 216.147.215.194
    deny from 218.56.144.42
    deny from 58.65.236.1
    deny from 65.36.241.76
    deny from 65.36.241.79
    deny from 66.154.102.102
    deny from 66.154.102.105
    deny from 66.154.102.122
    deny from 66.154.102.123
    deny from 66.154.102.136
    deny from 66.154.102.15
    deny from 66.154.102.18
    deny from 66.154.102.24
    deny from 66.154.102.27
    deny from 66.154.102.33
    deny from 66.154.102.34
    deny from 66.154.102.44
    deny from 66.154.102.47
    deny from 66.154.102.49
    deny from 66.154.102.52
    deny from 66.154.102.65
    deny from 66.154.102.68
    deny from 66.154.102.71
    deny from 66.154.102.77
    deny from 66.154.102.78
    deny from 66.154.102.80
    deny from 66.154.102.82
    deny from 66.154.102.87
    deny from 66.154.102.90
    deny from 66.154.102.93
    deny from 66.154.102.96
    deny from 66.154.103.101
    deny from 66.154.103.104
    deny from 66.154.103.108
    deny from 66.154.103.110
    deny from 66.154.103.116
    deny from 66.154.103.118
    deny from 66.154.103.124
    deny from 66.154.103.129
    deny from 66.154.103.133
    deny from 66.154.103.134
    deny from 66.154.103.135
    deny from 66.154.103.136
    deny from 66.154.103.138
    deny from 66.154.103.139
    deny from 66.154.103.147
    deny from 66.154.103.154
    deny from 66.154.103.156
    deny from 66.154.103.163
    deny from 66.154.103.39
    deny from 66.154.103.46
    deny from 66.154.103.48
    deny from 66.154.103.59
    deny from 66.154.103.66
    deny from 66.154.103.68
    deny from 66.154.103.73
    deny from 66.154.103.83
    deny from 66.154.103.84
    deny from 66.154.103.90
    deny from 66.154.103.95
    deny from 66.154.103.98
    deny from 66.232.124.243
    deny from 67.15.207.27
    deny from 89.149.202.214
    deny from 219.136.239.51
    deny from 200.88.223.98
    deny from 220.8.116.165
    deny from 210.108.174.21
    allow from all
    </Limit>

    Saluti

    Dario

    0
  • B
    User Attivo

    Se il problema arriva dai form, basta usare o il captcha (per formail a te indirizzate) o 2 righe di codice per casi di mail injection

    0
  • F
    User Attivo

    Il problema arriva da un form del tipo Invia il link ad un amico il quale invia una mail anche a me per conoscenza. Ho integrato un campo per inserire un codice numerico generato a caso ma riduce solo lo spam. Dovrei inserire la generazione del codice come immagine, ma al momento non ne sono capace:D . Comunque con l'.htaccess ho ridotto parecchio.
    Ciao

    Dario

    P.S. Anche io uso Maxthon....la funzione antibosskey è una manna in ufficio:D 😄 😄

    0
  • B
    User Attivo

    @fmm said:

    Il problema arriva da un form del tipo Invia il link ad un amico il quale invia una mail anche a me per conoscenza. Ho integrato un campo per inserire un codice numerico generato a caso ma riduce solo lo spam. Dovrei inserire la generazione del codice come immagine, ma al momento non ne sono capace:D . Comunque con l'.htaccess ho ridotto parecchio.
    Ciao

    Dario

    P.S. Anche io uso Maxthon....la funzione antibosskey è una manna in ufficio:D 😄 😄

    Allora fai molta attenzione, perchè stanno usando la tua form per fare spam a mezzo mondo ... a te arriva solo la prima mail ... ma in bcc ne mandano a tonnellate.

    Basta applicare questo piccolo controllo

    [PHP] <?php
    $from = $_POST["sender"];
    $from = urldecode($from);
    if (eregi("(\r|\n)", $from)) {
    die("Why ?? :(");
    }
    ?>[/PHP]

    e il gioco è fatto 🙂

    :ciauz:

    PS: Uso Maxthon principalmente per il super drag & drop e la gestione delle schede imparagonabili ad altri browser.

    0
  • F
    User Attivo

    Grazie, oggi provero' a modificare il modulo di joomla;)

    0
  • F
    User Attivo

    Scusa se approfitto, questo è il codice del modulo joomla da me personalizzato. Dove dovrei inserire il codice da te suggerito? Grazie in anticipo per la disponibilità.

    Dario

    
<?php

/** ensure this file is being included by a parent file */
defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.' );

$send=mosGetParam($_REQUEST,'send_tellafriend');

if($send){
    $name_sender=mosGetParam($_REQUEST,'name_sender');
    $email_sender=mosGetParam($_REQUEST,'email_sender');
    $name_reciepent=mosGetParam($_REQUEST,'name_reciepent');
    $email_reciepent=mosGetParam($_REQUEST,'email_reciepent');
    $user_message=mosGetParam($_REQUEST,'message');

    $subject=$params->_params->subject;
    $message = $params->_params->message;
    $copy = $params->_params->copy;

    $link=mosGetParam($_SERVER,'HTTP_REFERER');

    $message = str_replace("",$link, $message);
    $message = str_replace("[RNAME]",$name_reciepent, $message);
    $message = str_replace("[SNAME]",$name_sender, $message);
    $message = str_replace("[TXT]",$user_message."\n", $message);
    $message = str_replace("<br />","\n", $message);


    mosMail($email_sender, $name_sender, $email_reciepent, $subject, $message);
    mosMail($email_sender, $name_sender, $copy, $subject, $message);
    echo '<span class="message">Messaggio inviato</span>';
}

?>

<?
srand((double)microtime()*1000000);
$codice = rand(10000,99999);
?>

<script language="javascript" type="text/javascript">
function check(formulier){

  if (formulier.name_sender.value=="Name")
    {
        alert("Inserisci il tuo nome");
        var a = false;
    }
    else{
        var a = true;
    }

      var x = formulier.email_sender.value;
      var filter  = /^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/;
      if (!filter.test(x)){
          alert("Inserisci la tua mail");
          var a = false;
      }
      else{
          var a = true;
      }


    if (formulier.name_reciepent.value=="Name")
    {
        alert("Inserisci il nome del destinatario");
        var a = false;
    }
    else{
        var a = true;
    }

      var x = formulier.email_reciepent.value;
      var filter  = /^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/;
      if (!filter.test(x)){
          alert("Inserisci l'e-mail del destinatario");
          var a = false;
      }
      else{
          var a = true;
      }

   if (formulier.verificacodice.value != formulier.codice.value)
    {
        alert("Codice di verifica errato");
        var a = false;
    }
    else{
        var a = true;
    }

    if(a){
        form = document.getElementById('tellafriend');
        form.submit();
    }
}

</script>

<table class="tellafriend" >
<form name="tellafriend" id="tellafriend" method="post">
<tr><td class="tellafriend_label">Da: </td></tr>
<tr><td><input type="text" class="inputbox" name="name_sender" value="Nome" onblur="if(this.value=='') this.value='Nome';" onfocus="if(this.value=='Nome') this.value='';"></td></tr>
<tr><td><input type="text" class="inputbox" name="email_sender" value="Email" onblur="if(this.value=='') this.value='Email';" onfocus="if(this.value=='Email') this.value='';"></td></tr>
<tr><td class="tellafriend_label">A:</td></tr>
<tr><td><input type="text" class="inputbox" name="name_reciepent" value="Nome" onblur="if(this.value=='') this.value='Nome';" onfocus="if(this.value=='Nome') this.value='';"></td></tr>
<tr><td><input type="text" class="inputbox" name="email_reciepent" value="Email" onblur="if(this.value=='') this.value='Email';" onfocus="if(this.value=='Email') this.value='';"></td></tr>
<tr><td class="tellafriend_label">Messaggio (opzionale):</td></tr>
<tr><td><textarea name="message" class="inputbox" rows=4 cols=15></textarea></td></tr>
<tr><td class="tellafriend_label">Codice di verifica </td></tr>
<tr><td><input name="codice" type="text" class="inputbox" value="<?echo $codice?>" size="5" maxlength="5" disabled="disabled" >
</td></tr>
<input type="hidden" name="send_tellafriend" value="true">
<tr>
<tr><td class="tellafriend_label">Inserisci codice di verifica </td></tr>
<td><input name="verificacodice" type="text" class="inputbox" id="verificacodice" size="5" maxlength="5">
</td></tr>
<tr><td><input type="button" value="invia" class="button" onclick="javascript: return check(document.tellafriend)"></td></tr>
</form>
</table>
    0
  • giorgiotave
    Community Manager

    Ciao fmm,

    ti sposto nel Forum dedicato a Joomla 🙂

    0
  • T
    User Attivo

    @fmm said:

    Non so se puo essere utile e se questa sia la sezione giusta. Vi incollo il mio .htaccess con l'elenco dei siti "spammosi" che ho trovato fin d'ora. Sono riuscito a ridurre di molto l'arrivo di email spazzatura dai form del mio portale.

    <Limit GET>
    order allow,deny
    deny from 125.90.64.69
    deny from 195.225.177.14
    deny from 195.225.177.46
    deny from 200.88.223.98
    deny from 202.7.166.163
    deny from 202.91.9.6
    deny from 203.201.252.148
    deny from 203.37.232.249
    deny from 216.147.215.194
    deny from 218.56.144.42
    deny from 58.65.236.1
    deny from 65.36.241.76
    deny from 65.36.241.79
    deny from 66.154.102.102
    deny from 66.154.102.105
    deny from 66.154.102.122
    deny from 66.154.102.123
    deny from 66.154.102.136
    deny from 66.154.102.15
    deny from 66.154.102.18
    deny from 66.154.102.24
    deny from 66.154.102.27
    deny from 66.154.102.33
    deny from 66.154.102.34
    deny from 66.154.102.44
    deny from 66.154.102.47
    deny from 66.154.102.49
    deny from 66.154.102.52
    deny from 66.154.102.65
    deny from 66.154.102.68
    deny from 66.154.102.71
    deny from 66.154.102.77
    deny from 66.154.102.78
    deny from 66.154.102.80
    deny from 66.154.102.82
    deny from 66.154.102.87
    deny from 66.154.102.90
    deny from 66.154.102.93
    deny from 66.154.102.96
    deny from 66.154.103.101
    deny from 66.154.103.104
    deny from 66.154.103.108
    deny from 66.154.103.110
    deny from 66.154.103.116
    deny from 66.154.103.118
    deny from 66.154.103.124
    deny from 66.154.103.129
    deny from 66.154.103.133
    deny from 66.154.103.134
    deny from 66.154.103.135
    deny from 66.154.103.136
    deny from 66.154.103.138
    deny from 66.154.103.139
    deny from 66.154.103.147
    deny from 66.154.103.154
    deny from 66.154.103.156
    deny from 66.154.103.163
    deny from 66.154.103.39
    deny from 66.154.103.46
    deny from 66.154.103.48
    deny from 66.154.103.59
    deny from 66.154.103.66
    deny from 66.154.103.68
    deny from 66.154.103.73
    deny from 66.154.103.83
    deny from 66.154.103.84
    deny from 66.154.103.90
    deny from 66.154.103.95
    deny from 66.154.103.98
    deny from 66.232.124.243
    deny from 67.15.207.27
    deny from 89.149.202.214
    deny from 219.136.239.51
    deny from 200.88.223.98
    deny from 220.8.116.165
    deny from 210.108.174.21
    allow from all
    </Limit>

    Saluti

    Dario

    il tuo file .htaccess potrebbe essere più piccolo ad esempio

    <Limit GET>
    order allow,deny
    deny from 125.90.64.69
    ** deny from 195.225.177.***
    deny from 200.88.223.98
    deny from 202.7.166.163
    deny from 202.91.9.6
    deny from 203.201.252.148
    deny from 203.37.232.249
    deny from 216.147.215.194
    deny from 218.56.144.42
    deny from 58.65.236.1
    ** deny from 65.36.241.*
    deny from 66.154.10*.***
    deny from 66.232.124.243
    deny from 67.15.207.27
    deny from 89.149.202.214
    deny from 219.136.239.51
    deny from 200.88.223.98
    deny from 220.8.116.165
    deny from 210.108.174.21
    allow from all
    </Limit>

    in questo modo limiti un range di ip

    0
  • S
    User

    Una domanda...
    E se volessi bloccare gli spam bloccando gli invio mail dal form che contengono link? In genere ti inviano link...

    Che codice dovrei inserire nel blocco ?

    0
Effettua l'accesso per rispondere