[buddypress-trac] [BuddyPress Trac] #6049: When certain spam filters are installed account gets activated due to spam filters following external link in the email..

buddypress-trac noreply at wordpress.org
Wed Nov 26 23:39:15 UTC 2014


#6049: When certain spam filters are installed account gets activated due to spam
filters following external link in the email..
--------------------------+-----------------------------
 Reporter:  vimes1984     |      Owner:
     Type:  defect (bug)  |     Status:  new
 Priority:  normal        |  Milestone:  Awaiting Review
Component:  Core          |    Version:
 Severity:  normal        |   Keywords:
--------------------------+-----------------------------
 Just had to fix this on a shared hosting account @
 https://www.a2hosting.com, they run a spam filter called
 https://www.barracuda.com/products/spamfirewall
 what this does it follow external links in any outgoing emails sent from
 the server in question. So when buddypress sends out it's activation link
 like so : http://example.com/activate?key=7678978978978789 it gets clicked
 on by the spam filter activating the account and rendering the activation
 link useless...
 I think this is the ongoing issue with invalid activation links that some
 users are experiencing. I suggest we move the activate link to a actual
 button on page that needs to be physically clicked?
 My temp fix was to add a deny from all into the .htaccess denying the
 server access to it's self.

--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/6049>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac


More information about the buddypress-trac mailing list