Massive spam with Newsletter Made Simple
Posted: Sun Nov 30, 2025 10:22 am
Hey people,
I’m using Newsletter Made Simple (there’s no current replacement for it yet) and it has been working great so far but lately I’m getting massive bot sign-ups that apparently use the signup form (I’m getting thousands upon thousands of “Undelivered mail” return emails). And this has only increased massively after sending out the last newsletter. Does anyone know how this could be connected?
The thing is: I’ve already removed the form from the website and I’m still getting a lot of bot traffic. I can see the IPs doing POST requests in the server logs and I’ve even blocked many IPs but somehow I’m still getting malicious signups by the second. The only thing that helped was to uninstall NMS. And when I reinstalled it, the bots came back. How are they able to send POST requests without a form? As far as I know there isn’t even a special URL parameter that could be abused, or is there?
I’m using Newsletter Made Simple (there’s no current replacement for it yet) and it has been working great so far but lately I’m getting massive bot sign-ups that apparently use the signup form (I’m getting thousands upon thousands of “Undelivered mail” return emails). And this has only increased massively after sending out the last newsletter. Does anyone know how this could be connected?
The thing is: I’ve already removed the form from the website and I’m still getting a lot of bot traffic. I can see the IPs doing POST requests in the server logs and I’ve even blocked many IPs but somehow I’m still getting malicious signups by the second. The only thing that helped was to uninstall NMS. And when I reinstalled it, the bots came back. How are they able to send POST requests without a form? As far as I know there isn’t even a special URL parameter that could be abused, or is there?