Barracuda Email Spam Server is automatically building and returning opt-out URLs to my CRM server

deno · 30 April 2019 14:23

I’m assuming that Barracuda is extracting the identifier pattern from the email source and matching it to sutieCRM and then building the proper opt-out URL atomically at the time the email is received. We removed the default opt-out URL and added our own that redirects to an unsubscribe page on our Website. The opt-out URL sent by Barracuda doesn’t exist anywhere in the source of the emails sent.

Were is the opt-out processed? We want to add an additional parameter to be passed that only we know so we can avoid this in the future. Or if anyone has any better ideas to combat this crap. Thanks

The Source IP Addresses below are owned by Barracuda:
209.222.82.161 - - [25/Apr/2019:07:00:08 -0400] “GET /index.php?entryPoint=removeme&identifier=f2ff90f6-e75e-9642-98f7-5cc19343ef52 HTTP/1.0” 200 49 “-” “Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729)”
209.222.82.137 - - [25/Apr/2019:07:00:12 -0400] “GET /index.php?entryPoint=removeme&identifier=9dc88d0f-e4ce-995c-7109-5cc1935cf9b4 HTTP/1.0” 200 49 “-” “Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729)”
209.222.82.149 - - [25/Apr/2019:07:00:21 -0400] “GET /index.php?entryPoint=removeme&identifier=28a36e11-966b-5829-6157-5cc193f54aff HTTP/1.0” 200 49 “-” “Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729)”
209.222.82.143 - - [25/Apr/2019:07:00:28 -0400] “GET /index.php?entryPoint=removeme&identifier=6bc3b349-0846-239c-7066-5cc1936e775b HTTP/1.0” 200 49 “-” “Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729)”

deno · 30 April 2019 15:18

Found a solution and verified. This solution will require you to modify the default opt out URL located in EmailMan.php or modifying a custom opt-out landing page URL.

This is were the opt-out is being processed:
RemoveMe.php change line 49 –

 if(!empty($_REQUEST['identifier']) && !empty($_REQUEST['YourParameter'])) {

If you aren’t using a custom opt out landing page and you want to modify the default opt-out URL:

EmailMan.php change –

$mail->Body .= "<br /><span style='font-size:0.8em'>{$mod_strings['TXT_REMOVE_ME']} <a href='". $this->tracking_url . "index.php?YourParam=aa&entryPoint=removeme&identifier={$this->target_tracker_key}'>{$mod_strings['TXT_REMOVE_ME_CLICK']}</a></span>";

stephenmchugh · 30 August 2019 10:54

Hi Deno,

Did you implement a custom opt-out page? Assuming a real person arrives at that page, does it contain logic which will auto opt-out that person in Suite?

I note your solution but it’s a little vague to my uneducated eye! Can you expand?

Many thanks in advance.

Steve