Magento 1 spam emails

If you’re finding that your Magento 1 website is sending spam email you’re not alone! We’ve seen an increase in enquiries from merchants looking to fix this issue. The first a store owner is made aware of this is when their email service bans them from over-sending.

So how are the spam emails being sent from Magento?

We’ve identified at least 2 areas of Magento which is being used by the Chinese spammers, these are the ‘Share your wishlist’ and ‘Send to a friend’ features.

After creating an account on your web store and adding a product to cart. The bots have free reign to send this product to ‘friends’ i.e any email they would like to. Including a Spammy message alone with the product share. Also the wishlist can be shared with a message to any emails.

We’ve identified some stores that have sent over 12000 spam emails in a single day!

Solutions

Stop Send to a friend spam

Luckily this is an easy fix, just edit your local.xml file and add the section below. Then clear your site cache.
app/etc/local.xml

...existing config file...    
  <default>
   <sendfriend>
    <email>
        <enabled>0</enabled>
    </email>
   </sendfriend>
  </default>
</config>

Don’t forget to remove the ‘Share this product’ button from the product page or you’ll annoy your customers!

Stop Wishlist spam

Wishlist is a little harder, unless you’re willing to just turn this functionality off completely.
Luckily there is an extension available for free which fixes both of these issues.

https://github.com/vnahalpara/magento-Wishlist-Share-Spam-Protector


...
Luke

share:


...
Luke

share:


Ready to start your next project?

See how we can help you accelerate your business