Wordpress - Contact Form 7 - Blacklist "Reply To" email address

Discussion in 'Installation/Configuration' started by HappierTimesAhead, Sep 12, 2021.

  1. Hi,

    We have a couple of Wordpress sites on different domains that use the "Contact Form 7" plugin. We also have the "ReCaptcha v2 for Contact Form 7" plugin active. We are receiving untold amounts of spam from one email address - [email protected]

    I am having problems creating a blacklist for this email address as Contact Form 7 forwards the messages to an internal email address as the "From" email address which I obviously cannot blacklist!

    My question is how can I ban a "Reply To" email address which contains the offending email address?

    As always many thanks in advance for any help on this

    HTA
     
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

  3. Hi,

    My apologies for that - I thought I had the info in my Signature!

    We are not using Wordfence.

    TBH I do not use Wordpress myself - this is for a couple of clients.

    The issue is that Contact Form 7 sends the form message to an internal email address belonging to each domain. This is from the Headers of the received email: -

    (Authenticated sender: ###[email protected])
    Date: Sun, 12 Sep 2021 08:56:42 +0000
    To: ### ## <###[email protected]>
    From: ### ## <###[email protected]>
    Reply-To: [email protected]

    We really need to be able to BlackList the Reply-To: [email protected]

    As always, many thanks for your kind help

    HTA
     
  4. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Adding this under Email -> Content filter should work:
    /^Reply-To: [email protected]/

     
  5. Hi Thom,

    Many thanks for your kind help.

    I have implemented your solution and hopefully that will have sorted the issue.

    Very kind of you to take the time out and provide a solution

    With kind regards

    HTA
     
  6. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    just discarding the mail, to me, seems to be hiding the symptoms, rather than solving the problem.

    can you not check the website logs, see if all these requests for the feedback form page are coming from the same IP, or a limited set of IPs and then block those IPs? this is also something wordfence may help with.
    another option is to update the recaptcha to v3, it may be more effective at blocking this form submission than v2.

    these options, if they work, should reduce the load on both the website and the mail system, and you still have the option of discarding mails using that reply-to address if they do fail for any reason.
     
  7. @nhybgtvfr
    Hi, thanks for the update.
    I hear what you are saying but this guy ([email protected]) is a prolific spam / con artist!
    Google his email address and you will see he has been at it for years!
    No chance of blocking his IP Address as it keeps changing!
    I am not very savvy with Regexp Patterns but could do to add a couple more examples that he is using in the body of the emails: -
    Telephone Number: 555-555-1212
    Talk With Web Visitor
    https:// talkwithwebvisitors . com
    Imagine how powerful this could be
    FREE 14 days trial

    The above are some samples from his emails that I'd love to check for
    Kind regards
    HTA
     
    Last edited by a moderator: Sep 13, 2021
  8. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    Postfix isn't the right place to start writing custom spam filtering rules, write those in your spamfilter's language (amavisd+spamassassin or rspamd). Postfix's body rules are very limited compared to those, can't compensate for false positives, and don't scale well.

    I concur with working on stopping it at the wordpress level if at all possible. If you aren't using google recaptcha v3 on those forms, I would start with that. If you aren't allowed to fix the sites yourself, consider shutting them down, or blocking all mail from them until the site owners fix the problem.
     
  9. Hi Jesse,

    Many thanks for the update.
    I was actually referring to ispconfig -> Email -> Content filter as suggested by @Th0m
    I have just finished updating the sites from recaptcha v2 to recaptcha v3 so fingers crossed this will also help?
    With kind regards
    HTA
     
  10. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    Yes, that's an interface which creates postfix header_checks and body_checks in the back end.

    I see very little contact form spam with recaptcha v3 in effect (and didn't use v2 due to the user interface). You might also verify that the mail is coming through the contact form, maybe it's being sent in another manner.
     
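Added example, not part of the thread and not ISPConfig or Postfix code: a small Python harness for trying a Reply-To rule against sample headers before putting it into the content filter. It approximates header_checks matching (case-insensitive, one logical header at a time, body ignored) with Python's `re`. The address `spammer@example.com`, the `STRICT` pattern and all sample messages are constructed placeholders, since the real address is redacted on the page.

```python
import re

# Constructed placeholder address; the real one is redacted on the page.
# Rule in the literal form posted in the thread: anchored, dots unescaped.
NAIVE = r"^Reply-To: spammer@example.com"
# Tighter variant (an assumption, not from the thread): escaped dots, allows a
# display name or angle brackets, and requires a boundary around the address.
STRICT = r"^Reply-To:(.*[ <])?spammer@example\.com([> ,]|$)"


def logical_headers(raw):
    """Return the header block as logical headers, with folded lines joined."""
    headers = []
    for line in raw.splitlines():
        if line == "":
            break  # the first blank line ends the headers; the body is ignored
        if line[0] in " \t" and headers:
            headers[-1] += " " + line.strip()  # continuation of previous header
        else:
            headers.append(line)
    return headers


def first_match(raw, pattern):
    """Return the first logical header matching the pattern, or None."""
    rx = re.compile(pattern, re.IGNORECASE)  # header_checks ignore case by default
    for header in logical_headers(raw):
        if rx.search(header):
            return header
    return None


def message(reply_to):
    """Build a constructed form mail shaped like the headers quoted in the thread."""
    return ("To: Site Owner <owner@example.org>\r\n"
            "From: Site Owner <owner@example.org>\r\n"
            f"Reply-To: {reply_to}\r\n"
            "\r\n"
            "Reply-To: spammer@example.com (body text, never header-checked)\r\n")


if __name__ == "__main__":
    cases = ["spammer@example.com", '"Web Visitor" <spammer@example.com>',
             '"Web Visitor"\r\n <spammer@example.com>', "Spammer@Example.COM",
             "spammer@exampleXcom.test", "notspammer@example.com"]
    for value in cases:
        hits = [bool(first_match(message(value), p)) for p in (NAIVE, STRICT)]
        print(f"{value!r:45} naive={hits[0]} strict={hits[1]}")
```

The literal rule misses a Reply-To that carries a display name and, because its dots are unescaped, also matches look-alike strings. On the mail server, `postmap -q "Reply-To: spammer@example.com" regexp:/path/to/header_checks` (placeholder path) queries the real table.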
