No Blacklist – it’s easy to spam unlimited

  • I can put in someone’s email, send, annoy him, and the site owner – and possibly raise his spam score and ruin his reputation…

    I tried to enter that email in the DB and assign it to a dummy group “Blacklist” (which would never send any newsletters).
    This doesn’t work as there is the “Group bug”, described in my previous post.
    And as far as I see there’s zero protection against mass sending confirmation emails, i.e.:

    – A limit of how many requests an IP can do per hour.
    – A total limit of how many requests ESN accepts per hour.
    – A message “Already subscribed”, if the email is already subscribed.
    – A message “Confirmation Email has been sent x minutes ago”, instead of immediately sending it again.

Viewing 1 replies (of 1 total)
  • Plugin Author Icegram

    (@icegram)

    Hi @crispress,

    We’ll look into it.

    A limit of how many requests an IP can do per hour.

    ESN sends emails based on how many emails are allowed per hour (except in Cron).

    A message “Already subscribed”, if the email is already subscribed.

    This works correctly.

    A message “Confirmation Email has been sent x minutes ago”, instead of immediately sending it again.

    Not possible currently. Might consider in future.

Viewing 1 replies (of 1 total)
  • The topic ‘No Blacklist – it’s easy to spam unlimited’ is closed to new replies.