Results 1 to 6 of 6

Thread: Denying Webmail Via .htaccess

Hybrid View

  1. #1

    Denying Webmail Via .htaccess

    Hi, been having problems with people using webmail to email spam via my sites. Any one got a clever piece of code to block?



  2. #2
    If someone is using your web forms to send spam through your site, the problem is with outdated code in your web form. Current e-mail forms do not allow that.

    Never expose your e-mail address in any visible HTML code. If you are using an old form, the e-mail address may be exposed.

    The problem may not be with your site. There is nothing to stop anyone from using your e-mail address as a return address. Anyone can do that and they do not need to go through your sites.

    You need to offer more details in order to identify the problem. How do you know that the spammers are using your sites to send the e-mail?
    "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well-armed lamb contesting the vote." -- Benjamin Franklin

  3. #3
    I explained poorly - a user or users has gone into a proxy site of mine and logged into a webmail account of theirs (see above) and sent out spam emails. That action has been traced to my site/ip.

    Hence the need to block the likes of those webmail services listed.

  4. #4
    If it's glype proxy then add the webmail domain's address into the blacklist domains field in admin. If you keep logs or have notification of the offenders IP address(es) you can add the IP's to glype's IP block list, you can block them in .htaccess as well. Job done. I don't know if you can block domains with .htaccess (only referers), you can block access to your domain with it though. Like this:
    <Files 403.shtml>
    order allow,deny
    allow from all
    # Start Custom Blocks
    # Spammers
    deny from
    deny from
    deny from
    deny from
    deny from
    deny from
    deny from
    for example. Change numbers to the ones you want to block (taken from an arcade site of mine), only a small sample but you'll get the idea. Be careful adding stuff to .htaccess though 'cuz sometimes you'll get a "500 server error" for the slightest mistake (misplaced comma, wrong space etc.) so make a copy first
    If I can't be a good example, I'll just have to be a terrible warning...

  5. #5
    Hi UncleP! I really like the "add the webmail domain's address into the blacklist domains field in admin" idea, will do that. And Ireland just beat the Wallabies, who would have thought!

  6. #6
    Popular webmail services are blocked at the firewall level on all of my servers, so everyone knows. Mail abuse is a problem.

Tags for this Thread


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts