Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Spam dispatch via double opt-in mail #565

Open
icehawk-de opened this issue May 15, 2024 · 6 comments
Open

Spam dispatch via double opt-in mail #565

icehawk-de opened this issue May 15, 2024 · 6 comments
Milestone

Comments

@icehawk-de
Copy link

We use double opt-in registration and manual activation by an admin.

The registration form is protected by sr_freecap. Unfortunately, this no longer offers protection against spam bots, so that they can register successfully. The resulting double opt-in mail was „correctly“ declared as spam by our hoster and the mail delivery was blocked by the server.

Are there any other ways to secure the registration form? Can you give me any tips or possibilities?

@sbusemann
Copy link
Contributor

Hi, in the latest versions of the femanager a new setting was introduced which can prevent deletion of profiles. This approach will be added also for confirmations. This can prevent spam bots in the future.

@icehawk-de
Copy link
Author

OK. We are using the 6.4.0 on a TYPO3 10.
Is it here also implemented?

Can you give me a hint into the documentation?

@sbusemann
Copy link
Contributor

https://docs.typo3.org/p/in2code/femanager/8.1/en-us/Features/ConfirmUserConfirmationRefused/Index.html
This works at the moment only for refusting profiles. A simular feature is planned also for confirmations. You can sponsor this, if you want it fast.

@Danielvdv
Copy link

The problem is that the bots use the registration to send spam and sr_freecap is actually useless. It should be possible to integrate other Captchas like hCaptcha. The function you describe does not explain exactly how this is supposed to work, how it further prevents bots and how reliable it ultimately is.

@sbusemann
Copy link
Contributor

It is not the same as a captcha solution, but it is an additional step, that has to be confirmed.

@icehawk-de
Copy link
Author

Is it possible to integrate hcaptcha as an additional option for spam prevention.

@sbusemann sbusemann added this to the backlog milestone Oct 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants