mauritsvanrees
commented
4 years ago Is this still a problem? I have it in the back of my mind, but I still have no idea what the real problem is.
Open merpdotcom opened 5 years ago
mauritsvanrees
commented
4 years ago Is this still a problem? I have it in the back of my mind, but I still have no idea what the real problem is.
Alas, problem has returned. I noticed some issues a few weeks ago with bogus accounts, so quickly installed emailconfirmationregistration. But today started getting a bunch of email bounces for account confirmation stage, but nobody waiting in the confirmation queue.
They are successfully injecting bogus accounts into the system. It looks like "they" have so far injected 26 bogus accounts into the Users listing.
I have both recaptcha setup and working, and collective.emailconfirmationregistration. They both seem to work when I test them, but somehow something is getting past that process? So far only one of the 30+ sites in that Plone instance are showing this activity. Version information (running on CentOS 7) Plone 5.1.4 (5114) CMF 2.2.12 Zope 2.13.27 Python 2.7.14 (default, Jun 26 2018, 10:14:38) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)] PIL 5.1.0 (Pillow)
Suggestions? Thanks!
Example bounce message (half dozen and counting so far today):
From: RPG Research Website rpgresearcher@gmail.com To: trentburnell@s0ny.igg.biz Subject: User Account Information for RPG Research - Studying the effects of all role-playing games and their potential to improve lives. Date: Fri, 08 Feb 2019 16:31:01 -0700 Welcome Luther Aslatt, Your user account has been created. Your username is Luther. Please activate it by visiting http://www.accessiblerpg.com/rpgresearch/passwordreset/7c1f2e6b093e4214be850c86b109bef1?userid=Luther Please activate your account before Feb 15, 2019 11:31 PM With kind regards,
RPG Research Website