Question [Resolved] Kunena Support email attacked website!

One of my web owners contacted me today about [email protected] registering on their forums and accusing them of stealing credit for others creations. The powered by link was removed, I am assuming this is the reason behind the madness. He was very pleased with Kunena in the past and has always chosen Kunena, voted for Kunena, referred Kunena, and donated to Kunena. When I started working on the project for them there were many other free and available choices for forums but was prompted once again by his loyalty to choose Kunena.

The link to Kunena was requested to be removed because he has had security issues with Joomla and didn't want a link for people to follow the crumbs. If someone really wanted to know the forum makers they could simply look at the source code, where the real customers would look, IMHO...

Since most of his sites are none-profit everything is done as cheap as possible, seeing as Kunena and Joomla are open source I feel there should be no such ATTACKS on someones site seeing as he has had so much loyalty towards Kunena. Regretfully I think we will be changing forum selection, I feel his loyalty has been crushed in a very public, unfair, and unprofessional manner.

I will not go into how unprofessional this was as it would be considered a whole other thread.

I am sorry to here about your problems.

Unfortunately, email is a very fragile medium of communication. ANYBODY in the world from ANY email client can send you and email and making it look like it came form [email protected].

As for the real email [email protected] - only three of our leadership members have access to it, and all access gets logged. No emails of any sort of this have been sent from that account.

Nobody from the Kunena team has been using that email to register or comment on any use-cases out there.

It is very simple for you to verify where an email came from: Please check the long headers or raw email to see where a particular email has been sent from.

While we don't encourage removing the powered by link, we would NEVER EVER complain about it.

This is a professionally run project and it is disappointing that somebody would even think we would do such a thing.

Please make sure you check your facts. We certainly offer you any help you require to get to the bottom of this.

We require a registration e-mail, link to be clicked in order to log in and post...This is what sparked our curiosity. How can someone use that e-mail and click the registration complete link? It wasn't e-mail communication it was a post on our forums.

Before reading the post and after receiving the e-mail saying user-name Kunena has registered and than another that Kunena had posted we were excited to go see what Kunena had to say about our site, only to read that...very sickening feeling to say the least..

I will research a little in our server to see how this was passed up(registration link in e-mail), website has only been live maybe a week so not sure how this was even discovered(the use of Kunena) and why somebody would use the user-name....

I just realized: we don't even have a [email protected] email address.

If you send an email to that address, google (where we host our emails) will send you an error message.

I would check that system if it has been compromised in any way.

We have resolved the issue on our end as best we can, Thanks for the quick reply and assurance.

Issue resolved as far as I can tell, you can delete this post if you'd like.

Thanks

Thanks for letting us know.

If anybody should ever run into such a situation we really want to hear about it and help with root cause analysis.

Integrity is top.