Plone's sendto_form Used For Spam

It’s no news that some people with sick brains use every chance to send spam e-mails. Plone offers a little send-to-friend functionality for delivering content you like to the ones you like. There are no restrictions on using this form, so some spammers discovered new ways to get their stupid messages to us all.

Because I see log entries here from time to time that someone sends phishy mails via plasser.net, I decided to close this service (who needs this in times of social bookmark services and Digg?). You can still open the sendto_form, but you can’t send anything, hehe.

It’s a kind of net vandalism, right?


3 Responses to Plone's sendto_form Used For Spam

  1. Karl Bengtsson says:

    Hello,

    I’m interested in how you closed down the sendto_form, as I’ve been having the same problem. I ended up customizing the sendto_form template to be completely empty, and since it seems to post back to itself I figured that would solve the problem. However, since I haven’t found any type of postback handler in the default sendto_form template I’m a bit concerned that I might not have plugged the hole completely.

    Best regards,

    Karl Bengtsson

  2. Hi Karl,

    well, this was a long time ago. I can’t remember exactly how I closed it, and for some reason I then installed WordPress as I liked it much more than Plone for blogging. So it’s hard to look into it now, but I think I just set rights so that no one could send a message over the sendto_form (AFAIK in the ZMI -> uncheck AllowSendto for Anonymous). And you can customize portal_skins/plone_form_scripts/sendto.py too.

    HTH,
    Jürgen

  3. khink says:

    There is a permission for it: Go into the ZMI, to the Plone site, and click the “Security” tab. Untick “Allow sendto” for “Anonymous”, and also untick “Acquire?”.

    Plone also checks this permission before it displays the “Send to” link.
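
The permission change described in the comments above, scripted so it can be applied and then verified (an added example, not code from the post or its commenters). It assumes `portal` is the Plone site object, for instance from a Zope debug session; the helper names are hypothetical, while `rolesOfPermission`, `acquiredRolesAreUsedBy` and `manage_permission` are Zope's role-manager methods.

```python
# Added example: scripted form of the ZMI steps from the comments.
# Assumption: `portal` is the Plone site object (e.g. from a Zope debug session).
PERMISSION = "Allow sendto"  # permission name as given in the comments


def granted_roles(obj, permission=PERMISSION):
    """Roles ticked for `permission` directly on obj (its row on the Security tab)."""
    return sorted(
        r["name"] for r in obj.rolesOfPermission(permission) if r["selected"]
    )


def audit_sendto(portal, permission=PERMISSION):
    """Return a list of problems; an empty list means Anonymous cannot send."""
    problems = []
    if "Anonymous" in granted_roles(portal, permission):
        problems.append("Anonymous still holds %r" % permission)
    # Acquisition can hand the permission back from the parent (the Zope root),
    # which is why the comment says to untick "Acquire?" as well.
    if portal.acquiredRolesAreUsedBy(permission):
        problems.append("%r is still acquired from the parent" % permission)
    return problems


def close_sendto(portal, permission=PERMISSION):
    """Untick Anonymous and "Acquire?" while keeping every other granted role."""
    keep = [r for r in granted_roles(portal, permission) if r != "Anonymous"]
    portal.manage_permission(permission, roles=keep, acquire=0)
    return audit_sendto(portal, permission)
```

In a real session the change is saved only once the transaction is committed; running `audit_sendto` again afterwards confirms both boxes stayed unticked.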
