Thread Starter
nikdow
(@nikdow)
I should add that I inspected the content of the emails using postcat to verify they were sent by sTCR. Note the QS is missing the permalink.
e.g.
*** ENVELOPE RECORDS deferred/E/EF0F759636 ***
message_size: 967 665 1 0 967 0
message_arrival_time: Thu Aug 20 09:54:45 2020
create_time: Thu Aug 20 09:54:45 2020
named_attribute: log_ident=EF0F759636
named_attribute: rewrite_context=local
sender: [email protected]
named_attribute: log_client_name=localhost
named_attribute: log_client_address=127.0.0.1
named_attribute: log_client_port=38078
named_attribute: log_message_origin=localhost[127.0.0.1]
named_attribute: log_helo_name=www.spelfabet.com.au
named_attribute: log_protocol_name=ESMTP
named_attribute: client_name=localhost
named_attribute: reverse_client_name=localhost
named_attribute: client_address=127.0.0.1
named_attribute: client_port=38078
named_attribute: helo_name=www.spelfabet.com.au
named_attribute: protocol_name=ESMTP
named_attribute: client_address_type=2
named_attribute: dsn_orig_rcpt=rfc822;[email protected]
original_recipient: [email protected]
recipient: [email protected]
pointer_record: 0
*** MESSAGE CONTENTS deferred/E/EF0F759636 ***
regular_text: Received: from http://www.spelfabet.com.au (localhost [127.0.0.1])
regular_text: by aws05.cbdweb.net (Postfix) with ESMTP id EF0F759636
regular_text: for <[email protected]>; Thu, 20 Aug 2020 09:54:45 +1000 (AEST)
pointer_record: 1653
regular_text: DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=spelfabet.com.au;
regular_text: s=default; t=1597881286;
regular_text: bh=8KmrCKqY+UGP6iN+ff9/YJaB2EP8ZvWfrvWUk/CkRl8=;
regular_text: h=Date:To:From:Reply-To:Subject:From;
regular_text: b=jLt+NeO6C1LHotB5Ae42SuiIRA2px6eznVaWcY+abTWFfKBBXXYnWMBbkC3osMW9m
regular_text: 9Mtf6jZ584A58ANNwoCYXt+npPJSQ1PNpF+NdPtEE5LxExUWAJn9x3AxCWuGBwEnhP
regular_text: HqXG87VL0r7vgiiPSwdiB/lWch5RsKjPj8Cy2k+A=
regular_text: Date: Wed, 19 Aug 2020 23:54:45 +0000
pointer_record: 889
regular_text: To: [email protected]
regular_text: From: Spelfabet <[email protected]>
regular_text: Reply-To: [email protected]
regular_text: Subject: Manage your subscriptions on Spelfabet
regular_text: Message-ID: <[email protected]>
regular_text: X-Mailer: WPMailSMTP/Mailer/smtp 2.2.1
regular_text: X-Post-Id: 0
padding: 0
regular_text: X-Comment-Id: 0
regular_text: MIME-Version: 1.0
regular_text: Content-Type: text/html; charset=UTF-8
pointer_record: 0
regular_text:
regular_text: <html><head><title>Manage your subscriptions on Spelfabet</title></head><body><p>You have requested to manage your subscriptions to the articles on Spelfabet. Follow this link to access your personal page:<br />
regular_text: https://www.spelfabet.com.au/comment-subscriptions/?srek=&srk=c3a2be8687cfa7cbe61db20f647bce3d&srsrc=e&post_permalink=</p>
regular_text: </body></html>
regular_text:
pointer_record: 0
*** HEADER EXTRACTED deferred/E/EF0F759636 ***
pointer_record: 0
*** MESSAGE FILE END deferred/E/EF0F759636 ***
Plugin Author
WPKube
(@wpkube)
Hi @nikdow
The “manage your subscription” emails are sent on the user’s request.
I’m assuming that’s spam bots going through the website, they see a form with an email field, they add an email address and submit.
Go to WP admin > StCR > Options. Near the end you’ll see “Enable challenge question”, set that to “Yes”. That adds a challenge question to the form which should stop the bots.
By default the challenge is “What is 1+2?” but you can change the question and answer to anything you want, it’s the 2 options below the “Enable challenge question”.
Thread Starter
nikdow
(@nikdow)
Thanks for the hint. And I see I can search subscribers now!
