We've always had some scammers that target our users from our PP Classifieds, but we're seeing more and more scambots that are using the contact.php to send scam emails to every member with an ad.
Today we had one that goes by the name khotmiller (firstname.lastname@example.org) and they are picking up the item title and using it in the email wording.
I just did a quick Google search of "khotmiller" and found that username registered at 4 different forums and each one had PP Classifieds installed.
It would be nice if we could limit the number of contact emails sent via contact.php to stop people from sending mass emails through it.
Do you have any ideas of workarounds that we could do locally that would thwart these scammers. Can we change the name of contact.php and then easily apply this across our installs to trip up any scambots trying look for contact.php in our classifieds.
Or can you think of something we could change to stop this. Perhaps using some kind of challenge system, like entering a specific word, or captcha?
What is Photopost planning to do to stop scammer use of PP Classifieds?
Here's what the email looks like on our forum:
184.108.40.206 failed after I sent the message.
Remote host said: 550 Access denied...0e6130a11424a961456df414c444d06d7d5510e90541b9857d199d1964e4c9191051e410...
--- Below this line is a copy of the message.
Received: (qmail 20404 invoked by uid 504); 27 May 2012 06:52:09 -0500
Date: 27 May 2012 06:52:09 -0500
Subject: A message about your ad on tdpri.com
Larrivee L05 A/E
Is your Larrivee L05 A/E still available for sale ? What is the last price and what is the condition? I will like to pay using PayPal,After payments has been made,I will arrange for the pick-up and will you let my pick-up agent to come to you house for the pick up? Because i don't want you to worry yourself about the shipment,Reply back email@example.com
Larrivee L05 A/E - Guitars and Gear For Sale