Getting Started

Strange Redirection to external website

Home Forums Newsletter Plugin Support Strange Redirection to external website

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • August 6, 2015 at 5:48 am #17027
    amarok
    Participant

    I received an email from my provider, they indicated that they had been contacted by SpamCop. Apparently there is a link on my blog that included in a SPAM message and it is redirecting users to sex related site.

    http://www.?.com/wp-content/plugins/newsletter/statistics/link.phpr=MDswO2h0dHA6Ly9jb25zdWx0dHJ1ZW5vcnRoLmNvbS93cC1jb250ZW50L3VwbG9hZHMvemh1by87MA==e21ad4e5ae02fa4f559/68c07b10133dbee6a028d3a03.html

    When this link is clicked on, then it redirects to an external site.

    I noticed that the modified date for almost everything under the newsletter directory was yesterday and the permission is currently 777, that seems wrong to me.

    Are you aware of any vulnerabilities or how I can fix this?

    Thanks

    August 6, 2015 at 7:15 am #17028
    Stefano
    Keymaster

    This is a little fault of the link tracking system, but on latest version it should solved: if a tracked link is not signed correctly a special page showing the redirection should be shown. Does the link show up a page “you’re redirecting to [url]”?

    August 6, 2015 at 3:08 pm #17043
    amarok
    Participant

    This is exactly what is happening.

    August 6, 2015 at 4:30 pm #17044
    Stefano
    Keymaster

    Version 3.8.6 return a 404 error if link are not correctly signed. The bug was with the new urls introduced for spamassasin which blindly marks as spam link containing wp-content in the path!

    September 19, 2015 at 1:10 am #17796
    jknight2014
    Participant

    What do you mean “Version 3.8.6 return a 404 error if link are not correctly signed.” I am getting such errors. For some reason my unsubscribe link is being sent to redirect.myfqdn.com. That subdomain does not exist.

    I added the subdomain but no luck.

    This is the request: “/wf/open?upn=v2ja-2BlkPOyj4JEOEiL8GZ6P5zYwvk5Qogp6VI4gWNhy41UeMI9jJLBZ8luYdkJ6b1hqCRqtS1yo97D6jZ9bK7bu…..”

    and this is the 404 link: “/wf/click?upn=VCUD6EZq-2FkF1A9QEeVOldC4tMpRsRVtwO7O-2Bsoi2yZZ1sFqqOBAVOUB0HF-2F7BnYhUysf1FDN16wpgwaXIAeKx31BQibhJx9Wz6w-2F-2B2b-2Bw3IqOnRtAbm8Df-2FvyOTi5lu-2F_v2ja-2BlkPOyj4JEOEiL8GZ6P5zYwvk5Qogp6VI4gWNhy41UeMI9jJLBZ8luYdkJ6bwACfkw8EJfOmmHOI4EyFGo4dMlM3Y8h4SsLB9ybl1yPhEEKhhjPCJ668oVwB-2FGcHJRYX3HznKW2kO-2FESx7YNVG797Nh1md2R0cbVJkhNasG-2BpZx67bwB4fyX8GyZDnndDM6wU86mFDc0P7Tevm6GeQ-3D-3D”

    September 19, 2015 at 7:25 am #17800
    Stefano
    Keymaster

    Hi, that link is not generated by newsletter, are you using an external delivery system which has the tracking feature active, like mandrill (but that is not a mandrill link anyway).

  • Author
    Posts
Viewing 6 posts - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.