Results 1 to 6 of 6

Thread: Denying Webmail Via .htaccess

  1. #1
    tibbie is offline Unknown Net Builder
    Join Date
    Apr 2009
    Posts
    106
    Thanks
    6
    Thanked 6 Times in 5 Posts

    Denying Webmail Via .htaccess

    Hi, been having problems with people using webmail to email spam via my sites. Any one got a clever piece of code to block?

    e.g.

    cox.net
    cable-lynx.net
    cuni.cz

    thanks

  2. #2
    TopDogger's Avatar
    TopDogger is offline Über Hund
    Join Date
    Jan 2009
    Location
    Hellfire, AZ
    Posts
    3,079
    Thanks
    347
    Thanked 914 Times in 698 Posts
    If someone is using your web forms to send spam through your site, the problem is with outdated code in your web form. Current e-mail forms do not allow that.

    Never expose your e-mail address in any visible HTML code. If you are using an old form, the e-mail address may be exposed.

    The problem may not be with your site. There is nothing to stop anyone from using your e-mail address as a return address. Anyone can do that and they do not need to go through your sites.

    You need to offer more details in order to identify the problem. How do you know that the spammers are using your sites to send the e-mail?
    "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well-armed lamb contesting the vote." -- Benjamin Franklin


  3. #3
    tibbie is offline Unknown Net Builder
    Join Date
    Apr 2009
    Posts
    106
    Thanks
    6
    Thanked 6 Times in 5 Posts
    Hi,
    I explained poorly - a user or users has gone into a proxy site of mine and logged into a webmail account of theirs (see above) and sent out spam emails. That action has been traced to my site/ip.

    Hence the need to block the likes of those webmail services listed.

  4. #4
    UncleP's Avatar
    UncleP is offline The perfect face for radio
    Join Date
    Nov 2009
    Location
    Blighty
    Posts
    218
    Thanks
    20
    Thanked 91 Times in 61 Posts
    If it's glype proxy then add the webmail domain's address into the blacklist domains field in admin. If you keep logs or have notification of the offenders IP address(es) you can add the IP's to glype's IP block list, you can block them in .htaccess as well. Job done. I don't know if you can block domains with .htaccess (only referers), you can block access to your domain with it though. Like this:
    Code:
    <Files 403.shtml>
    order allow,deny
    allow from all
    </Files>
    # Start Custom Blocks
    # Spammers
    deny from 203.141.62.236
    deny from 91.212.226.56
    deny from 212.98.208.66
    deny from 202.62.68.141
    deny from 109.107.255.151
    deny from 77.77.47.111
    deny from 77.78.35.126
    for example. Change numbers to the ones you want to block (taken from an arcade site of mine), only a small sample but you'll get the idea. Be careful adding stuff to .htaccess though 'cuz sometimes you'll get a "500 server error" for the slightest mistake (misplaced comma, wrong space etc.) so make a copy first
    If I can't be a good example, I'll just have to be a terrible warning...

  5. #5
    tibbie is offline Unknown Net Builder
    Join Date
    Apr 2009
    Posts
    106
    Thanks
    6
    Thanked 6 Times in 5 Posts
    Hi UncleP! I really like the "add the webmail domain's address into the blacklist domains field in admin" idea, will do that. And Ireland just beat the Wallabies, who would have thought!

  6. #6
    vectro's Avatar
    vectro is offline I Like Stuff
    Join Date
    Dec 2008
    Location
    U.S.A.
    Posts
    631
    Thanks
    192
    Thanked 104 Times in 82 Posts
    Popular webmail services are blocked at the firewall level on all of my servers, so everyone knows. Mail abuse is a problem.

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •