Receiving Spam on Trouble Tickets

[minapre]

I was wondering if anyone has had problems with Spam in trouble tickets, and if so how you have managed to block it.  I am getting about 10-15 spam messages a day at the moment.  The CPanel logs show that the message are generated from different ip adresses each time, so I cannot filter out by ip address in the .htaccess file.  Any suggestions is appreciated.

thanks,

minapre

[Magnus Wester]

Is the spam coming from form submissions, or are you getting spam e-mails sent to your ticket e-mail addresses? Do you publish your e-mail addresses on the web?

For basic spam protection, you should consider the following:

- Never publish e-mail addresses on the web. Just publish the contact form. If you really must publish an e-mail address, use a text-to-GIF program to create an image showing the e-mail address in a way that only humans can read. And don't use a "mailto:" link with it, force users to read the address visually and type in manually.

- Create a new mailbox for your TTX system regularly. Instead of "support@domain.com", call it "support.ae1r@domain.com". Once you start getting spam to this address too, rename it "support.fk0y@domain.com" (or any other name that would be very hard to guess). Ensure that messages to the old address are forwarded to the new one during a natural phase-out period, then just deleted by the mail server.

- Always use the Access code option with your ticket submission forms.

[minapre]

The spam is coming from form submissions. 

[Magnus Wester]

If your spam is coming from form submissions, and you use the Access Code to prevent automatic scripts from posting tickets, you have real, human visitors that submit spam tickets. This is strange. It takes a really stupid spammer to spam a private helpdesk - so much work just to make a few support people really pissed off?

Human-entered spam is a tricky issue that affects any user interaction mechanism, e.g. discussion forums, blog comments, wikis, order forms...

In my experience, there are many partial solutions to this problem, but no final solution that gets rid of all spam. With other products like phpBB I simply classify users as unregistered, registered and approved. For the first group I require e-mail confirmation of each submission ("Please confirm that you wish to submit this ticket"). This gets rid of all tickets with invalid e-mail addresses. When the user confirms the post, it ends up in a moderation queue where I have a second chance of removing spam. After a few "good" posts, I set the user as "approved", which means that they can post directly.

Unfortunately, there is no such mechanism for TTX. I guess you will have to delete the spam tickets manually, knowing that it was much more work entering them than for you to delete them.

[minapre]

I didnt fully comprehend your third point - I was not aware that there was an access code option.  Many thanks for your assistance.

[gkalus]

I am having the same problem but I am looking at a different solution. I run the helpdesk on a different domain than our main website .net instead of .org I am setting up filters for the helpdesk email on .net to only receive email from the .org domain. I figure if the email is down on the .org domain they won't be able to email the helpdesk and will have to go direct to the helpdesk on the .net domain to fill out a trouble ticket. I am in the middle of trying to get this working so not sure of the out come.

Gary

[Magnus Wester]

I'm sure this is obvious to you, but if you want a helpdesk that's available even when your main site is down you may want to host it externally, on a totally separate network and power supply.

How is your problem different from a spam point of view?

[gkalus]

I am hosting the helpdesk on a different domain and offsite. I am getting a lot of SPAM 10 to 15 a day. I have tried filtering and all kinds of other things but it still gets through I am blocking some but not all. The best solution I would like to see is a feature that I can restrict the domains that the helpdesk receives email from. All others not on a whitelist would be rejected.

Gary

[Magnus Wester]

I assume you are using an "old" e-mail address, that has been published on the Internet and thus been made available for scraping. Is it possible for you to just change the e-mail address regularly, once spammers have gotten hold of a new address?

I figure if the email is down on the .org domain they won't be able to email the helpdesk and will have to go direct to the helpdesk on the .net domain to fill out a trouble ticket.

So why do you accept e-mail tickets at all? If their site is down their SMTP server will probably be down too. Many people don't accept e-mail for new tickets, only for communication about old tickets. Can't you just use forms submission for new tickets?

[sfosseen]

The spam is coming from form submissions. 

Several years ago I copied the ticket submission html code and imbeded the code in our primary web server.  Our Primary Web server was from a hosting company and our site is CMS based so adding ttx to that site was not an option.  This has served us well, and now allowed me to stop a spammer who has been submitting tickets.

All the new spam tickets had a file attached.  I never upgraded my primary server page to enable file submission so I know the tickets were being created from my TTX site.  To stop the spam I modified the newticket.html file in the data/template folder by removing all the code and entering the text "Not Available".  As I never refer anyone to create a ticket from my TTX site this change will have no effect on ticket submissions.  New tickets can continue to be submitted via the custom HTML code on my primary web site. 

Granted this fix will only hold until someone finds the new ticket submission form on our primary server, but it is holding for now.

[arvin]

From http://troubleticketexpress.com/

Access code (a.k.a. captcha) to prevent ticket submissions by spambots

I had the same issue ...the captcha resolved them .....