Bad! Elgg.org mailbox got spammed by "hello my new friend"

Surely I am not the only one... but 4 days ago I got spam messages here on Elgg.org messages mailbox with the title "hello my new friend" :(((

Interestingly, the sender image is ... my own! This should not be possible, but how did it happen?

I've not replied to the message... so no idea where it will be going!

  • I too got the same 2 days back :D hehehehe

  • There have been several incidents where spammers have sent messages to large numbers of users in the past several days. Those accounts have been deleted, but Elgg's messages plugin has a bug (http://trac.elgg.org/ticket/1767) that causes those messages to stay behind and look like the receiver sent them.

    I have written a messages throttling mechanism that will automatically ban users that attempt to send many messages in a short period of time. I expect that it will be running on this site by the end of the day.

  • Just enabled it now. One step closer to a spam-free community! :)

  • Just noticed this post.... If the Throttler is a PlugIn - I sure do hope it gets released to the community. I have noticed many, many Elggsters complaining about such similar spam. How on earth we at FK have escaped I cannot fathom.. Guess we've been lucky ;) Hmmm.. Some form of a combined BigBrother/Zaptor/other open source bayesian scripts might eventually be written.. to save us all.

  • All the code does is register a function for the 'create', 'object' event. That function does this:

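    function messages_throttle($event, $object_type, $object) {
        // Only act on objects created by the messages plugin.
        if ($object->getSubtype() !== 'messages') {
            return;
        }

        // Maximum number of messages allowed inside the time window.
        $msg_limit = 10;

        // Count message objects from the last 5 minutes whose 'fromId'
        // metadata is the logged-in user.
        $params = array(
            'type' => 'object',
            'subtype' => 'messages',
            'created_time_lower' => time() - (5*60), // 5 minutes
            'metadata_names' => 'fromId',
            'metadata_values' => get_loggedin_userid(),
            'count' => TRUE,
        );
        $num_msgs = elgg_get_entities_from_metadata($params);

        // Over the limit: ban the account that is sending.
        if ($num_msgs > $msg_limit) {
            ban_user(get_loggedin_userid(), 'messages throttle');
        }
    }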
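Added example, not part of the original post and not Elgg code: a stand-alone PHP model of the rule above (more than 10 messages inside 5 minutes leads to a ban), replayed over a constructed message log to show which message trips the limit. The function name `replay_throttle`, the constants and the sample log are hypothetical, and the model assumes the message being created is included in the count.

```php
<?php
// Added illustration: stand-alone model of the throttle rule from the post.
// No Elgg API is used; the message log below is constructed sample data.

const MSG_LIMIT = 10;        // same value as $msg_limit in the post
const WINDOW_SECONDS = 300;  // same 5-minute window as in the post

/**
 * Replays a log of [timestamp, sender_id] pairs in time order and returns
 * [sender_id => timestamp of the message that triggered the ban].
 * Assumption: the message being created is included in the count.
 */
function replay_throttle(array $log): array {
    usort($log, fn($a, $b) => $a[0] <=> $b[0]);
    $recent = [];   // sender_id => timestamps still inside the window
    $banned = [];   // sender_id => time of ban
    foreach ($log as [$ts, $sender]) {
        if (isset($banned[$sender])) {
            continue; // a banned account sends nothing further
        }
        $recent[$sender][] = $ts;
        // Drop timestamps older than the window (the role that
        // created_time_lower plays in the post's query).
        $recent[$sender] = array_values(array_filter(
            $recent[$sender],
            fn($t) => $t >= $ts - WINDOW_SECONDS
        ));
        if (count($recent[$sender]) > MSG_LIMIT) {
            $banned[$sender] = $ts;
        }
    }
    return $banned;
}

// Constructed sample log: user 7 bursts 15 messages 2 seconds apart,
// user 3 sends 12 messages one minute apart.
$log = [];
for ($i = 0; $i < 15; $i++) { $log[] = [1000 + 2 * $i, 7]; }
for ($i = 0; $i < 12; $i++) { $log[] = [1000 + 60 * $i, 3]; }

foreach (replay_throttle($log) as $sender => $ts) {
    echo "user $sender banned at t=$ts\n";
}
```

In this model the burst sender is banned on its 11th message, while the sender pacing one message per minute never has more than 6 messages inside any 5-minute window and is left alone.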

  • Yes, this is a big problem.

    @Cash: Should I put your code on /mod/messages/views/default/object/messages ?

  • @Shouvik - no, create a plugin. There are tutorials on the Elgg wiki that describe the basics of making a plugin. You need to register for the event in your init function.

  • I just received a spam message from a user named "carlister", subject was "hi". Is this a common problem among other Elgg sites as well or is it just here?

Feedback and Planning

Discussions about the past, present, and future of Elgg and this community site.