ethercat
Cat in flight
Welcome back!
ESMB is up again, but without email for now.
This means there will be no notifications sent out about PMs you've received, threads being replied to, and, probably more critical, no ability to reset passwords through email automatically. You cannot contact us through the "Contact Us" form, because it's not there.
If there is even a slight possibility of you forgetting your password, please make absolutely certain that you have a valid email address in your profile since we will only be able to reset it manually and we must be certain we are sending it to you and not someone else.
If you are still getting the "suspended" page, when you try to go to the main forum page, you need to clear your browser cache. This may help if you don't know how: How to Clear Your Browser's Cache
Here's what was posted to the "suspended" page, in case you missed it:
ESMB is up again, but without email for now.
This means there will be no notifications sent out about PMs you've received, threads being replied to, and, probably more critical, no ability to reset passwords through email automatically. You cannot contact us through the "Contact Us" form, because it's not there.
If there is even a slight possibility of you forgetting your password, please make absolutely certain that you have a valid email address in your profile since we will only be able to reset it manually and we must be certain we are sending it to you and not someone else.
If you are still getting the "suspended" page, when you try to go to the main forum page, you need to clear your browser cache. This may help if you don't know how: How to Clear Your Browser's Cache
Here's what was posted to the "suspended" page, in case you missed it:
January 20, 2014
Here's a brief synopsis what's going on. Last Saturday (the 11th), spammers found and used a "send to friend" link on the site to send their trash to a mailing list they had (not to forum members, unless by coincidence they happened to be on the spammer's list already). The fact that it was a "send to friend" link meant they were able to put in whatever email addresses they wanted to send to. It also allowed them to enter their own message, which, of course, was spam.
I made some changes while the forum was still running and thought I had stopped it. I was watching a live display of the mail server log as entries were made in it, and only saw non-spam emails going out. At this point, I still didn't know for sure how or what they were using to send and I was gathering information to figure it out.
But a while later, the screen started scrolling by quickly and I could see that the spam emails had started up again, so I quickly did what our hosting provider recommended, which was to suspend the forum's account.
On Thursday (the 16th), I had figured it out and made the necessary changes, so I reopened the forum, but was still watching the mail server log. Just after I reopened the forum, I saw a burst of activity in the log and quickly turned the forum back off. I checked and all the emails that had been sent when the forum reopened were forum notifications being sent to email addresses of members, so I turned the forum back on.
We stayed open for 3 days before the spammers found another way to send email using the forum software, on Sunday evening (the 19th).
This time, they used a script which is supposed to (according to vBulletin) be "hard coded" - that is, only send to an email address that is entered as part of the vBulletin configuration. However, apparently they found a way to enter their own set of email addresses when using the script. The email address that I entered into the configuration is still there and unchanged, and yet I have a bounced email undeniably sent by this script with someone else's email address in the To: field.
At this point (January 20), I am still figuring out and deciding what to do. We cannot have the server sending out spam. I'm sorry ESMB is down again.
I will update this when I have more news.
--ec