SPAM in the forum

Problem reported by Gabriele Maoret - SERSIS - 3/3/2025 at 5:08 AM

Being Fixed

I have to say that: I would expect more attention to cybersecurity and SPAM on this forum...

Gabriele Maoret - Head of SysAdmins and CISO at SERSIS

Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)

10 Replies

Reply to Thread

Brian Bjerring-Jensen Replied

3/3/2025 at 6:46 AM

Worrying....

Sébastien Riccio Replied

3/3/2025 at 11:43 PM

Maybe it would need an option for new accounts first posts to be moderated ?

Sébastien Riccio System & Network Admin https://swisscenter.com

Derek Curtis Replied

3/4/2025 at 8:46 AM

Employee Post

You know what they say about "great minds", Sébastien, and we apologize for the worry Brian. We spent the better part of yesterday morning digging into these spam posts to determine who they came from and where, so we wanted to hold off replying until we had more data.

First, we confirmed the impact was limited to spam posts and didn't extend past the community itself. Second, this was not a compromise of any kind. Instead, the spammer was registering one-off accounts with verified emails, then pasting in their pre-written content. We have taken steps to ban/block this poster along with every IP address associated with them and their accounts and so don't expect too much of this in the future. But, we'll be especially diligent and got rid of it as soon as we can.

Unfortunately, spam posts happen from time to time and while we already have some implemented solutions, we intend to add some additional ones in addition to making it easier to handle reported posts and posters. To Sébastien's point we plan on implementing some things like additional captcha areas and other settings administrators can manage to further restrict who can post and how often.

Derek Curtis COO SmarterTools Inc. www.smartertools.com

Gabriele Maoret - SERSIS Replied

3/4/2025 at 9:13 AM

Thanks for your answer, Derek!

My two cents: I'll suggest you to implement and force MFA (2FA at least...) for all community members...

Have a good day!!!

Gabriele Maoret - Head of SysAdmins and CISO at SERSIS Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)

Tim Uzzanti Replied

3/4/2025 at 10:16 AM

Employee Post

As Derek mentioned, all the spam was done by hand, and all emails were verified. We’re guessing if we had implanted 2FA, it probably wouldn't have helped in this scenario. But, we do have a plan for 2FA!

Tim Uzzanti CEO SmarterTools Inc. www.smartertools.com

Brian Bjerring-Jensen Replied

3/5/2025 at 4:05 AM

BUMP LOL

Stefano Replied

3/5/2025 at 4:18 AM

Lots of reports this morning 😒

Why don't you give moderators power to some trusted users? 😉

Gabriele Maoret - SERSIS Replied

3/5/2025 at 5:50 AM

[evil mode on]

If they give me moderator powers, I'll ban you all!!!

Uuuah ah ah ah (...evil laughter...)

[evil mode off]

...ahem...

Brian Bjerring-Jensen Replied

3/5/2025 at 8:06 AM

And by the way... it would be great to have an reply to post function here in the forum for a specific user.

Like I want to reply to Gabriele.... but I cant and it ends up in like general chit chat.

Gabriele Maoret - SERSIS Replied

3/5/2025 at 9:15 AM

@Brian: you can reply to me in private...

Click on my name here:

And then send me a private message:

Back to Community Threads

Please leave this box unchecked

Reply to Thread

Enter the verification text

10 Replies

Reply to Thread

Tags

Related Knowledge Base Articles