Suspect account. Anonymous account

#1

On an registered email address it showed as when a user typically goes anonymous. Gives my domain as the email address of registration. Then it shows a name change from that to a new user.

How do I track who created the first Anon account?

(Jeff Atwood) #2

Sorry… what? I’m not following what you wrote above. Can you provide more specifics?

3 Likes
#3

Yes sorry. So the day before I saw this. A new Anonymous user email using my domain which I assume is when a user clicks the anonymous tab on their account.

The email address is listed as @anon.mydomain.com

Then I saw this in the logs next day

Instead of the anonymous user name they changed the name and then started using that account to spam people.

(Jeff Atwood) #4

Have you enabled the anonymous posting feature in site settings? This is off by default.

It does look like that’s the default email format from switching to anon posting, so what you’re describing is possible in my testing.

b8e5da78f9176dc1b3d051c8323f8827@anon.try.discourse.org

Do you need this feature? If you don’t need it, I would turn it off.

@sam there are some holes here, the anon user can change their email and username in their user prefs which doesn’t seem right. I also wonder if this feature should be limited to TL1 users?

1 Like
(Sam Saffron) #5

This is already the case out-of-the-box, you need to opt for pain to allow TL1.

We got to fix this … agree, @maja can you make sure if anon posting is enabled that end users can not amend email or username.

6 Likes
#7

Thanks. Yes I decided to turn it off for now.

2 Likes
(Maja) #8

Fixed in

5 Likes
(Maja) closed #9