osCmax v2.5 User Manual
Results 1 to 5 of 5

Someone is spamming through my osCMax

This is a discussion on Someone is spamming through my osCMax within the osCmax v1.7 Discussion forums, part of the osCmax v1.7 Forums category; Hi, I recently discovered that someone is using the scripts in my osCMax installation to send spam. I'm not sure ...

      
  1. 03-27-2007, 01:01 PM #1
    shazam-fu
    shazam-fu is offline
    New Member
    Join Date
    Dec 2006
    Posts
    5
    Rep Power
    0

    Default Someone is spamming through my osCMax

    Hi,
    I recently discovered that someone is using the scripts in my osCMax installation to send spam.

    I'm not sure which script is being used but it could be any that use the following functions:
    catalog_server2/includes/languages/english/contact_us.php
    html/catalog/includes/languages/espanol/gv_send.php
    html/catalog/includes/languages/english/gv_send.php
    html/catalog/includes/languages/english/contact_us.php
    html/catalog/includes/languages/german/gv_send.php

    It's got to be one of these because the first subject in the spam header is "Enquiry from Southworth Company" and that text is used in the emails generated from those functions. There's a 2nd subject that replaces the first that just says "Hi."

    Another part of the header is: X-Mailer: osCommerce Mailer

    Is there any way to tighten up the functions to stop this? Has anyone else had this problem?

    Thanks!
    Last edited by shazam-fu; 03-27-2007 at 01:04 PM.
  2. 03-27-2007, 01:39 PM #2
    michael_s
    michael_s is offline
    osCMax Developer

    michael_s's Avatar
    Join Date
    Jul 2002
    Location
    Phoenix, AZ
    Posts
    19,907
    Donation Award 
    Rep Power
    568

    Default Re: Someone is spamming through my osCMax

    this is most likely the culprit:
    catalog_server2/includes/languages/english/contact_us.php

    And it was fixed in oscmax over a year ago. You need to patch your store:
    osCommerce Documentation by OSCdox :: osCommerce and osCMax installation and users manual, discussion forums (Downloads)
    Michael Sasek
    osCMax Developer

    osCmax Installation Service     - Have our professionals install osCmax on your server - same day service!
    osCmax 2.5 User Manual - the must have beginners guide to osCmax v2.5

    Stay Up To Date with everything osCMax:
    Free osCmax Newsletters - Security notices, New Releases, osCMax News
    osCmax on Twitter - Up to the minute info as it happens. Know it first.

    osCmax Documentation
  3. 03-28-2007, 04:43 AM #3
    shazam-fu
    shazam-fu is offline
    New Member
    Join Date
    Dec 2006
    Posts
    5
    Rep Power
    0

    Default Re: Someone is spamming through my osCMax

    Ahh, looks like I'll have to upgrade in order to fix the problem. Or will the patch work w/ v1.7?

    I wouldn't mind upgrading except I'm nervous about it because there's a huge amount of data in the database. I've looked for an upgrade download but it looks like there are only full installs. Is that right? I haven't been able to find instructions for upgrading, either. But maybe I just haven't been able to find them. Are there any?

    Thanks for your help!
  4. 03-28-2007, 07:19 AM #4
    michael_s
    michael_s is offline
    osCMax Developer

    michael_s's Avatar
    Join Date
    Jul 2002
    Location
    Phoenix, AZ
    Posts
    19,907
    Donation Award 
    Rep Power
    568

    Default Re: Someone is spamming through my osCMax

    The patch will work with 1.7, but you need to manually merge in the changes, and there are some changes you need to skip (they are pretty obvious, as the modified code that needs to be skipped is completely absent from osCMax v1.7).

    I have done several manual patches of v1.7 and it works well. I suggest doing the patch on an off line copy of your store to work out any kinks before attempting on your live site.

    There are no instructions for upgrading, as it is not something that anyone that needs instructions should be doing at this time. osCMax 2 is still being worked on, and the upgrade path is fraught danger for the average user of osCMax
    Michael Sasek
    osCMax Developer

    osCmax Installation Service     - Have our professionals install osCmax on your server - same day service!
    osCmax 2.5 User Manual - the must have beginners guide to osCmax v2.5

    Stay Up To Date with everything osCMax:
    Free osCmax Newsletters - Security notices, New Releases, osCMax News
    osCmax on Twitter - Up to the minute info as it happens. Know it first.

    osCmax Documentation
  5. 03-28-2007, 07:56 AM #5
    shazam-fu
    shazam-fu is offline
    New Member
    Join Date
    Dec 2006
    Posts
    5
    Rep Power
    0

    Default Re: Someone is spamming through my osCMax

    Got it. Thanks very much!
« Which version of Easy Populate to use? | Only one Language? »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules