where do you get that? it doesn’t do that at all
From bad-behavior-wordpress.php:
// Return emergency contact email address.
function bb2_email() {
return get_bloginfo('admin_email');
}
Then in core.php, we get the call:
<p>Your technical support key is: <strong><?php echo $support_key; ?></strong></p>
<p>You can use this key to <a href="http://www.ioerror.us/bb2-support-key?key=<?php echo $support_key; ?>">fix this problem yourself</a>.</p>
<p>If you are unable to fix the problem yourself, please contact <a href="mailto:<?php echo htmlspecialchars(str_replace("@", "+nospam@nospam.", bb2_email())); ?>"><?php echo htmlspecialchars(str_replace("@", " at ", bb2_email())); ?></a> and be sure to provide the technical support key shown above.</p>
So, yes, it does that. It came to my attention when someone actually used that e-mail address to inform me of a failed attempt at posting a comment.
And now this e-mail address, which was previously hidden to the world, is in the open, and I am receiving spam messages to it.
Very strange… I disabled the plugin after reading this topic. I hope someone can give more information.
@liangzai: (tone down the hysterics, please) at first sight this looks pretty harmless to me; what would be your solution for dealing with false positives?
A solution that I have control over, like customizing the message (if any), including translating it to a proper language and providing an e-mail message of my choice (if any).
And it is not harmless. An e-mail address out in the void WILL be picked up by harvesters and WILL result in phishing attempts, viagra spam and a lot of noise.
This will cost me an awful lot of pain changing e-mail at various places and informing others. I never opted to get spam, I wanted a solution to get rid of it.
Seems like Bad Behavior could provide a simple email form to use there rather than just displaying the email address?
can someone please clarify if that message is shown to everyone that has been blocked?
