How can we improve WHMCS?

Share, discuss and vote for what you would like to see added to WHMCS

  1. Home
  2. Ideas
  3. Support
  4. Need better control for bounce message in ticket system

Need better control for bounce message in ticket system



25 Votes
Login to Vote
Most of the WHMCS users allow submitting ticket to "Registered" clients only and rest of the emails are bounced. Also, when users submit a ticket, he/she receives automatic email for the ticket. But when not-register user or spammers submit a ticket from non-existence email address, it generates continuous loop between our server and recipient server stating that "support ticket not opened" and this creates huge logs in "Ticket Mail import logs"

As of WHMCS 5.2, I could see that outgoing tickets are also logged in "Activity logs" and this make WHMCS database larger.

If you can add a system which can block such thing it would be great.

Thanks,
Kailash

9 Comments

Login to post a comment.

Jose Manuel Giner commented 26th May 21
Hello, please allow to customize the Return-Path header.
Thanks!
Lorelei commented 17th July 18
I would recommend you to use Zerobounce.net for email validation. They are the most secure email validation system you can find.

Here is the link where you can find them https://www.zerobounce.net
Official Response
WHMCS commented 25th August 15
Hi,
WHMCS automatically blocks email loops such as these when 10 emails are received from the same address within a 15 minute period. You can reduce this tolerance further under Setup > General Settings > Support tab > Ticket Reply Email Limit:
http://docs.whmcs.com/Support_Tab#Ticket_Reply_Email_Limit
Do let me know whether that does the trick for you.
Ondřej Bělohlávek commented 23rd June 14
Yes, sometimes we found hundreds of emails generated because of only one spam message which comes to our support department email.
jas8522 commented 15th April 14
Even if we can send bounces elsewhere so they're not captured by WHMCS ticketing, that would be a great first step. This could be done *very* easily by WHMCS by allowing us to set the return-path header from within WHMCS.

If you're using the PHP mail() function to send you should be able to set this from the following file:

includes/classes/PHPMailer/class.phpmailer.php

Just look for the line public $ReturnPath = ''; and set it to the email address of your choice.

But if you're using SMTP instead, then you can't set it! The class.smtp.php file does not have such an option probably since the class itself doesn't build the email when sending mail this way.
Dubz commented 1st April 14
There is a system I found online that allows you to insert an email address and check if it is valid or not.

Basically it connects to the email server and asks if the email is valid. The server responds with a code and message stating whether it exists or not.

Perhaps this method could be implemented into WHMCS, or the API option could be added, so we can help block this spam.

http://verify-email.org/
jas8522 commented 12th March 14
I have the same issue.

In the past I had used spam ticket controls to block messages from mailer-daemon and other similar bounce addresses / subjects. The problem with doing this is that we don't know when a bounce has occurred and thusly we can't tell if a recipient has actually received the message or not.

The best solution to this would be to capture the bounce message, match it to a ticket (hopefully by headers or message content) and display a notification either on the ticket or the particular ticket response that bounced which indicates there was a problem with delivery of the message. Include a link to the actual bounce error / message text for troubleshooting purposes and we'd be all set.

-Jordan
Sherwin Flight commented 8th December 13
Yes, I found this thread looking for a solution to the same problem with spam and bounce messages.
Kailash commented 11th October 13
This needs to address as soon as possible. We have now 2.2 Million records in "Activity logs" due to this.

Spammer sends an email to our system from fake email address -> our system sends an email to fake email address stating support ticket not ope -> Fake email address does not exist hence recipient server generate bounce -> Our system tries to send an email again for that bounce email -> Again recipient server sends bounce... All those activities are recorded in "Activity logs" as well as "Ticket Mail Import logs".. This is infinite loop and this can only stop if you block the from address from which you are receiving bounce email. It is not possible to monitor activity logs contentiously.