Registration compromise
 

Hello all.
I have a potential issue I wanted to run past you guys, to see what you think. I am running vBulletin 3.6.7 PL1 and have users require email confirmation set to ON.
I had a user sign up today, who created an account, and was posting within minutes. Fine I thought, but about half an hour ago, I got 3 failure messages. One for the confirmation email send, one for a PM someone sent him after he signed up, and another for his welcome email.
The details of the message failure were:
Action: failed
Status: 5.5.0
Diagnostic-Code: smtp;550 Requested action not taken: mailbox unavailable

So this says to me that he never received these emails, yet he still activated his account and was able to post.

My question is, if my thesis is correct, how in the name of zeus's butthole did he manage to activate his account and post?

Any thoughts gratefully received.

TIA

J

EDIT: and I have checked the admin logs, to make sure that the other admin hasnt been playing me about....

Bounce is a e-mail bounce message from the person's e-mail provider read more on 550 errors...

Make sure that you have the usergroup for awaiting activation set to NOT post!

All post permissions are set to "NO".
Was my first thought sadly, I wish it were that simple :(

EDIT: And besides which, his account is showing as registered user, not user awaiting confirmation email.

Hmmm, then shoot me a PM to test that out then I'll sign up on your forums and test it myself and let you know. let me know?

YGPM

blogtorank, you do not have permission to access this page. This could be due to one of several reasons:

1. Your user account may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system?
2. If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.

He had to have confirmed his e-mail, because I have tried twice for you, perhaps there is a blacklist of your e-mail that's being sent out too him.... However the biggest factor is I received your welcome e-mail to confirm my e-mail address and all which is gmail so do note that this is more than likely his e-mail server... Suspend his account until further notice, just to see if he responds too you, if not keep him banned perm!

There's no compromise whatsoever in there that I see, just seems his email server is wacked = HOTMAIL or YAHOO? :D

So you are thinking he got the emails, but his server sent failures anyway?

Perhaps it sent back a failure, but is it a free email service?

Yup it is..... and not a good one at that.

Looks like its just me being paranoid.

Yeah I wouldn't worry too much over it :), if he spams then ban him, but I would ban him to see if he is a real person rather than that rum runner bot that runs around ;)