Question New Posts email notification in a read-only forum!

Hello,

I'm running Kunena 5.1.1 with J 3.8.8 and these past couple of days I have been receiving email notifications about new (spam) posts in existing topics however when i visit the topics I am not seeing any new posts there!

Here is a sample of the email notification:

Message Subject : nike silver uomo
Category : Firewall Filtering, IDS/IPS & Security
Posted by : ???
URL : www.mydomain.com/forum/10-firewall-filte...n-site-site-vpn.html
Message:
Reuters6Danny Graham gave Blackburn the lead against United before they went on and lost 2-1The search for a new manager will begin with immediate effect.
nike silver uomo www.netl.it/Nike-Koth-Ultra-Low-Knit-Jac...ver-Uomo-PZ1339.html


In order to stop this activity I set the form to "Read Only" mode but this is continuing.

Any ideas? Is this perhaps a bug or is there something suspicious going on which I should be concerned about?

Many thanks for your time and help.

Chris.

I am having the exact same issue and am very concerned. I am also on 5.1.1. Users are reporting this via email, yet no such post exists. Here is one of the emails sent to me:

A new reply has been posted on the The South End

Message Subject : 123
Category : Salmon, Steelies, Lakers
Posted by : ???

URL: www.thesouthend.org/index.php/forum/salm...ke-down-good-and-bad
Message:
kaert chasing Championship gongdiamonds are foreverChelsea's new Nike kit leaked online.
123 www.nkmvp.fr/Nike-Air-Max-90-EM-Hommes-Chaussures-GP965.html

You can unsubscribe from this topic by visiting it and clicking the Unsubscribe button near the top or bottom of the page.

Do not answer to this e-mail notification as it is a generated e-mail.

While no one has replied with a solution I have found a work-around.
I dug into the apache logs and found which IP address was hitting the URL with HTTP POST command - the IP was identical in all events so I simply blocked the abusive IP address in the site's .htaccess file.

No longer receiving the alerts however I'm suspecting this is a bug.

Thanks,

Me too

Situation is almost the same. I have installed the newest kunena and joomla version and receive sometimes auto notifications for threads with sender "???" who is replying to a topic. In fact these are spam mails and when checking the forum there is no new entry and also there were no user log in Joomla / Kunena at this time (but could be that a user logged in days ago...)
So no idea from where this is coming from but high level it looks like a security bug.

Would be great to get a developer response. Banning IP's works, but I am assuming they are going to start coming from all directions soon.

Could you please all add the kunena report. And how your category is setup with the permissions.

Also please enable kunena logs. setting Is on the configuration. That feature will log all users actions. So maybe I know then how they to it.

Hello "810". First at all thank you very much for checking this!

Please find attached the configuration report. The only change which I did the past hours was to disable the auto email notifications. At the time it was set on I got spam mails but for the moment not.

In general everybody can display but only registered people (+manager/super user) can open topics or write answers.

Now it's 1 am in the morning here and maybe I became blind or to tired but can't find the log section. Where exactly in "configuration is it" ?

Rergards
-Dirk

Database collation check: The collation of your table fields are correct

Joomla! SEF: Enabled | Joomla! SEF rewrite: Disabled | FTP layer: Disabled |

This message contains confidential information

htaccess: Exists | PHP environment: Max execution time: 30 seconds | Max execution memory: 64M | Max file upload: 200M

Kunena menu details:

Warning: Spoiler!

ID	Name	Menutype	Link	Path	In trash
116	Forum	kunenamenu	view=home&defaultmenu=118	forum	No
117	�bersicht	kunenamenu	view=category&layout=list&catid=0	forum/index	No
118	Aktuelle Themen	kunenamenu	view=topics&mode=replies	forum/aktuell	No
119	Neues Thema	kunenamenu	view=topic&layout=create	forum/neuesthema	No
121	Meine Themen	kunenamenu	view=topics&layout=user&mode=default	forum/meinethemen	No
299	�bersicht Benutzer	kunenamenu	view=user&layout=list	forum/uebersicht-benutzer	No
120	Ohne Antwort	kunenamenu	view=topics&mode=noreplies	forum/ohneantwort	No
122	Profil	kunenamenu	view=user	forum/profil	No
300	Statistiken	kunenamenu	view=statistics	forum/statistiken	No
123	Hilfe	kunenamenu	view=misc	forum/hilfe	No
124	Suche	kunenamenu	view=search	forum/suche	No
125	Forum	mainmenu	Itemid=116	kunena-2017-01-19	No
182	Forum	mainmenu	view=home&defaultmenu=117	kunena-2017-01-19/forum	No
127	TEst mit Foumsmen�	mainmenu	view=home&defaultmenu=116	kunena-2017-01-19/test-mit-foumsmenue	Yes
130	Profil	mainmenu	view=user&layout=edit	kunena-2017-01-19/profil	No
298	Kontakte	mainmenu	view=user&layout=list	kunena-2017-01-19/kontakte	No
129	Suche	mainmenu	view=search	kunena-2017-01-19/suche	No
128	Test	mainmenu	view=home&defaultmenu=116	test	Yes
164	Forum2	mainmenu	view=home&defaultmenu=116	neues-forumsmenue-nur-fuer-admins-sichtbar/forum2	Yes

Joomla default template details : Pulse | author: Crosstec GmbH & Co. KG | version: 1.1.1 | creationdate: November 2014

Kunena default template details : Blue Eagle5 | author: Kunena Team | version: 1.0.2 | creationdate: 2017-01-09

Kunena template params:

Warning: Spoiler!

DefaultCategoryicon
lightboxColor	white
bootstrap	0
borderless	1
SubjectLengthMessage	80
displayMenu	1
displayModule	1
displayBreadcrumb	1
displayAnnouncement	1
displayFooter	1
avatarPosition	left
avatarType	img-polaroid
labels	0
whoisonlineName	default
formRecover	0
topicicontype	image
fontawesome	0
socialshare	0
socialtheme	classic
writeaccess	0
video	1
maps	1
emoticons	1
twitter	1
ebay	1
link	1
picture	1
hide	1
spoiler	1
table	1
code	1
quote	1
divider	1
instagram	1
soundcloud	1
confidential	1
hr	1
listitem	1
supscript	1
subscript	1
numericlist	1
bulletedlist	1
alignright	1
alignleft	1
center	1
underline	1
italic	1
bold	1
strikethrough	1
colors	1
size	1
IconColor	inherit
IconColorNew	#f03a00
forumHeadercolor
announcementHeadercolor
announcementBoxbgcolor
frontstatsHeadercolor
whoisonlineHeadercolor
inactiveTabcolor
activeTabcolor
hoverTabcolor
topBordercolor	#565656
inactiveFontcolor
activeFontcolor
forumLinkcolor
avatarSizeX	40
avatarSizeY	90
avatarSizeXThumb	36
avatarSizeYThumb	36
avatarSizeXWelcome	42
avatarSizeYWelcome	42
avatarSizeXList	36
avatarSizeYList	36
avatarSizeXPost	144
avatarSizeYPost	144
avatarSizeXProfile	200
avatarSizeYProfile	200
profileIconset	default
DefaultIconset	default
editorIconset	default
fullactions	0
quick	0
enableSkinner	0
templatebyText
templatebyName
templatebyLink

Kunena version detailed: Kunena 5.1.1 | 2018-06-10 [ Belinda ]
| Kunena detailed configuration:

Warning: Spoiler!

Kunena config settings:
board_offline	0
enablerss	1
threads_per_page	20
messages_per_page	6
messages_per_page_search	15
showhistory	0
historylimit	6
shownew	1
disemoticons	0
template	blue_eagle5
showannouncement	0
avataroncat	0
catimagepath	category_images
showchildcaticon	0
rtewidth	450
rteheight	300
enableforumjump	1
reportmsg	1
username	1
askemail	1
showemail	0
showuserstats	1
showkarma	0
useredit	1
useredittime	0
useredittimegrace	600
editmarkup	1
allowsubscriptions	1
subscriptionschecked	1
allowfavorites	1
maxsubject	50
maxsig	300
regonly	0
pubwrite	0
floodprotection	0
mailmod	0
mailadmin	0
captcha	0
mailfull	1
allowavatarupload	1
allowavatargallery	1
avatarquality	90
avatarsize	512
imageheight	800
imagewidth	1024
imagesize	600
filetypes	txt,rtf,pdf,zip,tar.gz,tgz,tar.bz2
filesize	500
showranking	1
rankimages	1
userlist_rows	30
userlist_online	1
userlist_avatar	1
userlist_posts	1
userlist_karma	0
userlist_email	0
userlist_joindate	1
userlist_lastvisitdate	1
userlist_userhits	1
latestcategory
showstats	1
showwhoisonline	1
showgenstats	1
showpopuserstats	1
popusercount	5
showpopsubjectstats	1
popsubjectcount	5
showspoilertag	1
showvideotag	1
showebaytag	1
trimlongurls	1
trimlongurlsfront	40
trimlongurlsback	20
autoembedyoutube	1
autoembedebay	1
ebaylanguagecode	en-us
sessiontimeout	3600
highlightcode	0
rss_type	topic
rss_timelimit	month
rss_limit	100
rss_included_categories
rss_excluded_categories
rss_specification	rss2.0
rss_allow_html	1
rss_author_format	name
rss_author_in_title	1
rss_word_count	0
rss_old_titles	1
rss_cache	900
defaultpage	recent
default_sort	asc
sef	1
showimgforguest	1
showfileforguest	1
pollnboptions	4
pollallowvoteone	1
pollenabled	1
poppollscount	5
showpoppollstats	1
polltimebtvotes	00:15:00
pollnbvotesbyuser	100
pollresultsuserslist	1
maxpersotext	50
ordering_system	mesid
post_dateformat	ago
post_dateformat_hover	datetime
hide_ip	1
imagetypes	jpg,jpeg,gif,png
checkmimetypes	1
imagemimetypes	image/jpeg,image/jpg,image/gif,image/png
imagequality	70
thumbheight	80
thumbwidth	80
hideuserprofileinfo	put_empty
boxghostmessage	0
userdeletetmessage	0
latestcategory_in	1
topicicons	1
debug	0
catsautosubscribed	0
showbannedreason	0
showthankyou	1
showpopthankyoustats	1
popthankscount	5
mod_see_deleted	0
bbcode_img_secure	image
listcat_show_moderators	1
lightbox	1
show_list_time	720
show_session_type	2
show_session_starttime	1800
userlist_allowed	1
userlist_count_users	1
enable_threaded_layouts	0
category_subscriptions	post
topic_subscriptions	every
pubprofile	0
thankyou_max	10
email_recipient_count	0
email_recipient_privacy	bcc
captcha_post_limit	0
image_upload	registered
file_upload	registered
topic_layout	indented
time_to_create_page	0
show_imgfiles_manage_profile	1
hold_newusers_posts	0
hold_guest_posts	0
attachment_limit	10
pickup_category	0
article_display	intro
send_emails	0
fallback_english	1
cache	1
cache_time	60
iptracking	1
rss_feedburner_url
autolink	1
access_component	0
statslink_allowed	1
superadmin_userlist	0
legacy_urls	0
attachment_protection	1
categoryicons	1
avatarresizemethod	1
avatarcrop	0
user_report	1
searchtime	365
teaser	0
ebay_language	0
allow_change_subject	0
max_links	10
read_only	0
ratingenabled	1
url_subject_topic	0
log_moderation	0
attach_start	0
attach_end	14
attachment_utf8	1
autoembedsoundcloud	1
emailheader	/media/kunena/email/hero-wide.png
user_status	1
signature	1
personal	1
social	1
plain_email	0
moderator_permdelete	0
avatartypes	gif, jpeg, jpg, png
smartlinking	0
defaultavatar	nophoto.png
defaultavatarsmall	s_nophoto.png
quickreply	1
avataredit	0
activemenuitem
mainmenu_id
home_id
index_id
moderators_id
topiclist_id
misc_id
profile_id
search_id
avatar_type	1
sef_redirect	1
allow_edit_poll	1
credits	0

| Kunena integration settings:

Warning: Spoiler!

Kunena - Finder Disabled
Kunena - AltaUserPoints Disabled
Kunena - Community Builder Disabled
Kunena - Easyblog Disabled
Kunena - Easyprofile Disabled
Kunena - Easysocial Disabled
Kunena - Gravatar Disabled
Kunena - JomSocial Disabled
Kunena - Joomla Enabled: access=1 login=1
Kunena - Kunena Enabled: avatar=1 profile=1
Kunena - UddeIM Disabled

| Joomla! detailed language files installed:

Warning: Spoiler!

Joomla! languages installed:
de-DE	German (DE)
en-GB	English (en-GB)

Third-party components: None

Third-party SEF components: None

Plugins: None

Modules: None

1) please update blue eagle template to 1.5.0 RC3
2) config - users- Define if you want to log action or moderation set to "Yes"
3) Which category setting do you use: access level or usergroups

Hello,

1.) I will update to blue eagle 1.5.0 RC3 today night. PS: Is there any way to get an auto reminder like for other new software versions ?
2.) It's now activated
3.) It's user group based. Typically all is handled by "Registered user"

I also attached a sample of these spam mails. Since yesterday afternoon I did not get any new spams so far.

Regards
-Dirk

Here is my report. I use access level.

Database collation check: The collation of your table fields are correct

Joomla! SEF: Enabled | Joomla! SEF rewrite: Disabled | FTP layer: Disabled |

This message contains confidential information

htaccess: Exists | PHP environment: Max execution time: 90 seconds | Max execution memory: 128M | Max file upload: 10M

Kunena menu details:

Warning: Spoiler!

ID	Name	Menutype	Link	Path	In trash
232	Discussion Forum	mainmenu	view=home&defaultmenu=224	south-end-forum	No
158	My Profile	topmenu	view=user	profile	No
223	Forum	kunenamenu	view=home&defaultmenu=225	forum	No
224	Index	kunenamenu	view=category&layout=list&catid=0	forum/index	No
225	Recent Topics	kunenamenu	view=topics&mode=replies	forum/recent	No
226	New Topic	kunenamenu	view=topic&layout=create	forum/newtopic	No
227	No Replies	kunenamenu	view=topics&mode=noreplies	forum/noreplies	No
228	My Topics	kunenamenu	view=topics&layout=user&mode=default	forum/mylatest	No
229	Profile	kunenamenu	view=user	forum/profile	No
230	Help	kunenamenu	view=misc	forum/help	No
231	Search	kunenamenu	view=search	forum/search	No

Joomla default template details : rt_protean | author: RocketTheme, LLC | version: 1.1.1 | creationdate: February 13, 2017

Kunena default template details : Blue Eagle5 | author: Kunena Team | version: 1.0.3 | creationdate: 2017-02-04

Kunena template params:

Warning: Spoiler!

DefaultCategoryicon
lightboxColor	white
bootstrap	0
tooltips	1
borderless	1
SubjectLengthMessage	80
displayMenu	1
displayModule	0
displayBreadcrumb	1
displayAnnouncement	1
displayFooter	0
avatarPosition	left
avatarType	img-polaroid
labels	0
whoisonlineName	default
formRecover	0
topicicontype	image
fontawesome	1
socialshare	0
socialtheme	minima
writeaccess	0
video	1
maps	1
emoticons	1
twitter	1
ebay	0
link	1
picture	1
hide	0
spoiler	0
table	1
code	0
quote	1
divider	1
instagram	1
soundcloud	0
confidential	1
hr	1
listitem	1
supscript	1
subscript	1
numericlist	1
bulletedlist	1
alignright	1
alignleft	1
center	1
underline	1
italic	1
bold	1
strikethrough	1
colors	1
size	1
IconColor	inherit
IconColorNew	#48a348
forumHeadercolor
announcementHeadercolor
announcementBoxbgcolor
frontstatsHeadercolor
whoisonlineHeadercolor
inactiveTabcolor
activeTabcolor
hoverTabcolor
topBordercolor
inactiveFontcolor
activeFontcolor
forumLinkcolor
avatarSizeX	40
avatarSizeY	90
avatarSizeXThumb	36
avatarSizeYThumb	36
avatarSizeXWelcome	42
avatarSizeYWelcome	42
avatarSizeXList	36
avatarSizeYList	36
avatarSizeXPost	144
avatarSizeYPost	144
avatarSizeXProfile	200
avatarSizeYProfile	200
profileIconset	default
DefaultIconset	default
editorIconset	default
fullactions	0
quick	0
enableSkinner	0
templatebyText
templatebyName
templatebyLink

Kunena version detailed: Kunena 5.1.1 | 2018-06-10 [ Belinda ]
| Kunena detailed configuration:

Warning: Spoiler!

Kunena config settings:
board_offline	0
enablerss	0
threads_per_page	20
messages_per_page	10
messages_per_page_search	15
showhistory	1
historylimit	6
shownew	1
disemoticons	0
template	blue_eagle5
showannouncement	1
avataroncat	0
catimagepath	category_images
showchildcaticon	1
rtewidth	450
rteheight	300
enableforumjump	1
reportmsg	1
username	1
askemail	0
showemail	0
showuserstats	1
showkarma	0
useredit	1
useredittime	0
useredittimegrace	6000
editmarkup	1
allowsubscriptions	1
subscriptionschecked	0
allowfavorites	0
maxsubject	50
maxsig	300
regonly	0
pubwrite	0
floodprotection	6
mailmod	-1
mailadmin	-1
captcha	0
mailfull	1
allowavatarupload	1
allowavatargallery	1
avatarquality	75
avatarsize	2048
imageheight	2000
imagewidth	2000
imagesize	10000
filetypes	pdf
filesize	10000
showranking	1
rankimages	1
userlist_rows	30
userlist_online	1
userlist_avatar	1
userlist_posts	1
userlist_karma	1
userlist_email	0
userlist_joindate	1
userlist_lastvisitdate	1
userlist_userhits	1
latestcategory
showstats	1
showwhoisonline	1
showgenstats	1
showpopuserstats	1
popusercount	10
showpopsubjectstats	1
popsubjectcount	10
showspoilertag	1
showvideotag	1
showebaytag	0
trimlongurls	1
trimlongurlsfront	40
trimlongurlsback	20
autoembedyoutube	1
autoembedebay	1
ebaylanguagecode	en-us
sessiontimeout	1800
highlightcode	0
rss_type	topic
rss_timelimit	month
rss_limit	100
rss_included_categories
rss_excluded_categories
rss_specification	rss2.0
rss_allow_html	1
rss_author_format	name
rss_author_in_title	1
rss_word_count	0
rss_old_titles	1
rss_cache	900
defaultpage	recent
default_sort	asc
sef	1
showimgforguest	0
showfileforguest	0
pollnboptions	4
pollallowvoteone	0
pollenabled	1
poppollscount	5
showpoppollstats	1
polltimebtvotes	00:00:05
pollnbvotesbyuser	1000
pollresultsuserslist	1
maxpersotext	50
ordering_system	mesid
post_dateformat	datetime
post_dateformat_hover	datetime
hide_ip	1
imagetypes	jpg,jpeg,gif,png
checkmimetypes	1
imagemimetypes	image/jpeg,image/jpg,image/gif,image/png
imagequality	60
thumbheight	32
thumbwidth	32
hideuserprofileinfo	put_empty
boxghostmessage	0
userdeletetmessage	0
latestcategory_in	1
topicicons	1
debug	0
catsautosubscribed	0
showbannedreason	0
showthankyou	1
showpopthankyoustats	1
popthankscount	5
mod_see_deleted	0
bbcode_img_secure	text
listcat_show_moderators	0
lightbox	1
show_list_time	720
show_session_type	0
show_session_starttime	0
userlist_allowed	1
userlist_count_users	1
enable_threaded_layouts	0
category_subscriptions	post
topic_subscriptions	every
pubprofile	0
thankyou_max	20
email_recipient_count	0
email_recipient_privacy	bcc
captcha_post_limit	0
image_upload	registered
file_upload	registered
topic_layout	flat
time_to_create_page	1
show_imgfiles_manage_profile	1
hold_newusers_posts	0
hold_guest_posts	0
attachment_limit	6
pickup_category	0
article_display	intro
send_emails	1
fallback_english	1
cache	1
cache_time	60
iptracking	1
rss_feedburner_url
autolink	1
access_component	0
statslink_allowed	1
superadmin_userlist	0
legacy_urls	1
attachment_protection	0
categoryicons	1
avatarresizemethod	1
avatarcrop	0
user_report	1
searchtime	all
teaser	0
ebay_language	0
allow_change_subject	1
max_links	15
read_only	0
ratingenabled	0
url_subject_topic	0
log_moderation	0
attach_start	0
attach_end	14
attachment_utf8	1
autoembedsoundcloud	1
emailheader	/media/kunena/email/hero-wide.png
user_status	1
signature	1
personal	1
social	1
plain_email	1
moderator_permdelete	0
avatartypes	gif, jpeg, jpg, png
smartlinking	0
defaultavatar	nophoto.png
defaultavatarsmall	s_nophoto.png
quickreply	1
avataredit	0
activemenuitem
mainmenu_id
home_id
index_id
moderators_id
topiclist_id
misc_id
profile_id
search_id
avatar_type	1
sef_redirect	1
allow_edit_poll	1
recaptcha_publickey
recaptcha_privatekey
recaptcha_theme	white
keywords	0
userkeywords	0
userlist_name	1
usernamechange	0
version_check	1

| Kunena integration settings:

Warning: Spoiler!

Kunena - Finder Disabled
Kunena - AltaUserPoints Disabled
Kunena - Community Builder Disabled
Kunena - Easyblog Disabled
Kunena - Easyprofile Disabled
Kunena - Easysocial Disabled
Kunena - Gravatar Disabled
Kunena - JomSocial Disabled
Kunena - Joomla Enabled: access=1 login=1
Kunena - Kunena Enabled: avatar=1 profile=1
Kunena - UddeIM Enabled: private=1

| Joomla! detailed language files installed:

Warning: Spoiler!

Joomla! languages installed:
en-GB	English (en-GB)

Third-party components: UddeIM 3.9

Third-party SEF components: None

Plugins: None

Modules: Kunena Latest 5.1.0