Support » Plugin: Newsletter » SOLVED: Spam Subscriptions

  • UPDATE: Stefano Lissa has solved the Spamproblems. I hope the spammers dont find a new way to format their URLs 🙂

    Several users like me have the problem that spammers abuse the newsletter registration (the name field) to send links and spam text via our website to the email the spammers specify.

    The rudimentary check for “http” in the name and the primitive captcha do not prevent this. The support for this is poor, without real interest to find the problem or to recognize that it is the plugin (see here and here).

    Even if the plugin offers good features, this is a fatal error which makes it impossible to use – especially if you consider the legal consequences which can occur in the EU for spam mails which are sent via the server of the users of the plugin. Or that your email address will be filtered as spam in the future. Therefore I give the worst rating for the free plugin – the only remedy would be the paid Newsletter-addons, which allow to use other form plugins for the subscription process.

    • This topic was modified 1 month, 2 weeks ago by joshuaall. Reason: specified payed version = addons to allow the use of other form plugins for the subscription process
    • This topic was modified 1 month, 2 weeks ago by joshuaall.
Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author Stefano Lissa


    Dear joshuaall, as everyone can see in the support forum, we’re dealing with that problem and still looking at it to understand how in your case they’re able to inject fake subscriptions.

    We’re not ignoring the problem but is not always possible to reproduce it exactly: we received spam subscriptions as well (we use our own plugin of course) and the anti-spam rules we implemented blocked them all in our sites and in other sites we have worked for.

    The activation emails sent after a subscription to get the confirmation, if they don’t contain the name or last name, are not effective from a spam point of view and there is nothing to prevent a person to subscribe with another person address. Only giant services, like Mailchimp, can grow an IP blacklist to contain (but not solve) the problem: this is one of the reasons they are expensive.

    About the paid version, there is not a paid version of Newsletter plugin. The only things you can purchase are addons and there are no addons to user external subscription forms. At all.

    Our “delivery” addons can be used to deliver the newsletters using an external mailing services and retrive the bounced addresses. You can use them fo delivery without our addons, just pay them, get the SMTP credentials from them and use the SMTP with one of the many plugin freely available in the WP repository.

    Anyway thank you for using our plugin and give us the chance to look even better at the spam problem. We still don’t know why in your blog those spam registrations still happen, but we continue to work on it.


    Hello Stefano,

    i edited my review to make it more clear that i mean the paid addon that allows to use other form plugins (and their spam preventioning features) for the subscription process.

    Naturally i am glad if you are still trying to find a solution. As stated by me before, since i have a running system that is affected, i would gladly provide any information that is needed to find a solution if you ask for it.

    Plugin Author Stefano Lissa


    Hi @joshuaall thank you again for you collaboration but:

    paid addon that allows to use other form plugins (and their spam preventioning features) for the subscription process

    is still not correct or I cannot fully understand what you mean. We have not paid addons to collect subscriptions.

    Which addon are you reffering to?

    I am refering to the Form-Integrations on

    Plugin Author Stefano Lissa


    Integrations with forms are meant to simply collect a subscription from the contact form in a site. Of course a form can be built to directly collect a subscription, but that does not prevent spam subscription ’cause the subscription service which are targeted by bots must be anyway active.

    So thinking to buy a form integration to prevent spam is wrong (and, of course, we never said that in our documentation).

    ps: if you’re still using the plugin, you can upgrade to version 6.4.7 and change the log level to “info” so the anti-spam activity is logged and why they’re able to bypass the filter discovered.

Viewing 5 replies - 1 through 5 (of 5 total)
  • You must be logged in to reply to this review.