Surge in new users on my website, are they fake? - email

Sorry if this is the wrong exchange.
Ok I have had my DotNetNuke website up for awhile now but no man users signing up. After speaking to one users it seems that my skin was a little poor in terms of logging in/registering as rather than the usual 2 buttons my skin just had a '+'
Anyway I changed my skin so I now have a clear 'Login' and 'Register' button. Over 24 hours or so I suddenly had a load of new users (40+). Checking my email inbox I seem to have quite a few Delivery errors for most of these users with errors like so.
Failed Recipient: #gmail.com
Reason: Remote host said: 550 5.1.1 The email account that you tried to reach does not exist. Please try
5.1.1 double-checking the recipient's email address for typos or
5.1.1 unnecessary spaces. Learn more at
5.1.1 http://support.google.com/mail/bin/answer.py?answer=6596 ay8si26335412wib.67 - gsmtp
or
Failed Recipient: #live.de
Reason: Remote host said: 550 Requested action not taken: mailbox unavailable
and another
Failed Recipient: #gawab.com
Reason: Failed to connect to the recipients mail server. No DNS information was found for the 'gawab.com' domain.
this one says fake account???
Failed Recipient: #yahoo.com
Reason: Remote host said: 554 delivery error: dd This user doesn't have a yahoo.com account (#yahoo.com) [0] - mta1153.mail.gq1.yahoo.com
Obviously I have removed the start of the email address for posting here.
So my question is what is the cause of these errors?
Is it DNN and some settings?
Is it my mail server? - using SmarterMail
Are they just fake accounts?
If they are fake accounts is there anyway I can better prevent them?

There has been a recent exploit by spammers who figured out how to script automated registrations on DNN websites. I was getting 20-40 of these per day on my DNN sites also. There is a way to address this. Follow the steps described in the following articles:
http://www.dnnsoftware.com/community-blog/cid/154984/spammer-registrations
OR
http://www.dnnhero.com/Premium/Tutorial/tabid/259/ArticleID/300/2-Strategies-on-how-to-deal-with-DNN-Registration-Spam-Part-1-3.aspx

Related

Unusual email sent in Moodle (reports/insights)

I have Moodle server configured to password reset using a Gmail account. Recently I had to migrate all the Moodle websites to a new CentOS 7 server (The Postfix was active with default configurations). Suddenly all the teachers were received thousands of emails subjected "Students at risk in 'Course Name'" with the body,
>Hi "Teacher name",
>A number of students in "Course Name" have never accessed the course.
>
>View insight (this is a link to 'https://my.moodle.url/report/insights/insights.php?modelid=4&contextid=14517')
One Teacher informed me this is happened due to Insights module and he deactivated the same module. I also deactivated the Postfix. Then everything was fine for about a week.
Today from another Moodle website in the same server has sent an email to another teacher subjected 'Upcoming courses have no teachers or students' and the body,
Hi 'Teacher name',
Courses with start dates in the next week have been
identified as having no teacher or student enrolments.
View insight (Linked to
https://my.moodle.url/report/insights/insights.php?modelid=2&contextid=1)
Reading this in an email? Download the mobile app and receive
notifications on your mobile device. (Linked to
'https://download.moodle.org/mobile?version=2019111803.02&lang=en&iosappid=633359593&androidappid=com.moodle.moodlemobile')
Please kindly support me to solve this issue. Is my server/ Moodle websites hacked?
Server configurations:
CentOS 7 (Linux my.host.name 3.10.0-1127.8.2.el7.x86_64 #1 SMP Tue
May 12 16:57:42 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux)
Nginx 1.16.1
php 7.2.31
Moodle 3.8
Thank you,
This is due to a setting that must be still activated in Moodle adminitration. You can search for the key-word enableanalytics and turn this setting off.
The server may not send any of those emails after that.
The documentation of this tool can be found here : https://docs.moodle.org/38/en/Analytics_settings

Internal server issue in PayPal Sandbox developer account

When I am going to connect my website with PayPal Sandbox account I get an error:
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, webmaster#paypal.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log."
Why this error? It was working before.
There was some sandbox downtime over the last 24 hours. The internal teams were able to find the issue and fix the immediate problem. Sandbox should now be up and running (if not, please let me know). The team is also looking into the root of the problem to ensure this doesn't happen in the future.

Jenkins won't send e-mails anymore

This might be a tough thing to figure out but i have to give it a try.
With no changes i am aware of, my jenkins just stopped sending out e-mail notifications. I use jenkins 1.609 and email extension plugin 2.40.5. Jenkins runs as a service using a service user who also has the rights on the server to send e-mails. Ports to our smtp-server are unlocked. Used telnet for testing that everything works as expected. SMTP-server works fine, so it has something to do with jenkins and i cant figure out what is going wrong.
For some unknown reason jenkins still fails to send e-mails. When i use the test-feature that jenkins offers i get: javax.mail.AuthenticationFailedException: 535 5.7.3 Authentication unsuccessful which tells me that either user or pw is incorrect, but as mentioned i've checked many times, it's setup correctly. Can anyone help out with this?
UPDATE:
After decrypting the password i can safely say that jenkins does save the password correct. Is there any way i can check that jenkins actually compares the correct encrypted passwords with each other? From my understanding jenkins uses 2 different encrypting techniques, maybe it uses tech1 for stored pw and tech2 for compare pw?
ANOTHER UPDATE:
Just tried adding a new certificate to the keystore, just in case, still no change.
MORE UPDATES:
Tried updating the mailer plugin- no change
Tried different users - all failed with the same error
So no matter what user i try, they all fail, but have jenkins execute a script which sends e-mails using said users it works.
August 18, 2016 - no change

How to get e-mails to work on phpBB with CentOS 6? Experiencing PHP Error

So, I have a phpBB forum on CentOS 6, however there is a problem. E-mails are simply not working.
I tried using e-mails on domain such as admin#domain.com, and I would get this error:
E-mail error
» EMAIL/PHP/mail()
/adm/index.php
so I trued using SMTP with different SMTP hosts and settings, nothing has worked, I would simply get this error:
E-mail error
» EMAIL/SMTP
/adm/index.php
Could not connect to smtp host : 0 : php_network_getaddresses: getaddrinfo failed: Temporary failure in name resolution
Errno 2: fsockopen(): php_network_getaddresses: getaddrinfo failed: Temporary failure in name resolution at [ROOT]/includes/functions_messenger.php line 1030<br />
Errno 2: fsockopen(): unable to connect to smtp.mail.com:25 (php_network_getaddresses: getaddrinfo failed: Temporary failure in name resolution) at [ROOT]/includes/functions_messenger.php line 1030
I got the errors from PHP Error Log from PHP
Oddly enough, the e-mails appear on my VPS in var/spool/mail/root file.
2 people have told be that this may be a DNS issue, I suspect this being true, as I, for some reason, couldn't use "wget" on my VPS, so I set Nameservers in /etc/resolv.conf and suddenly another problem I was experiencing, "could not get latest phpBB version" or something like that, was fixed. So, if that was fixed with such a solution, I would assume this would have something to do with it too.
And, I asked my host about it, they said "everything is virtualized" and how they have no actual control over it (in a sense that it is their configuration's fault) and how they do not support 3rd party software, even though this is not a software issue. And prior to that they said that they talked to "level 3 Linux admin" and how the admin said it is PHP/Apache issue.
I am losing my mind over this. It is a good machine for a good price with a game panel as we are hosting a game server, and it would really be a bother to move it all elsewhere.
Also, full talk and information on phpBB forums can be found here:
https://www.phpbb.com/community/viewtopic.php?f=46&t=2257586
Check your SMTP settings, make sure its set to the correct client (both on your DNS and within phpbb in General-Client Communication-Email Settings). If you have to use an authenticated account, verify that the username and password you are using is correct by typing it into a word doc to see spelling and copy/pasting it into the fields. In some cases, SMTP will only work with authenticated accounts.

How can I use Mandrill App as system message mailer on Parallels Panel?

Currently I have my CentOS system set up with Parallels Panel and have my mailing system working nicely. But I'd prefer to have my system messages to be mailed using Mandrill App (MailChimp guys).
I have it working now with a kind of a mixed setup. Simple, though working. But now I get an error in my mail logs saying the following:
Jan 4 10:41:11 shinjuku postfix/smtp[29469]: certificate verification failed for smtp.mandrillapp.com[46.137.69.113]:25: untrusted issuer /C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Premium Server CA/emailAddress=premium-server#thawte.com`
After this I've tried configuring the smtp_tls_CApath and smtpd_tls_CApath to point to /etc/ssl/certs, but still no luck on this part.
Does someone have an idea on how I can get this working to have ALL system messages to be sent using Mandrill, instead of built-in config?
Mark, for CentOS try this for your CAPath/CAfile
smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt