Ghost sign up and spam?

Using Ghost
102

I’ll dig into it more shortly, but I did just check my ghost version and I’m on 5.110.4

103

If you’re seeing this happening actively in a version after 5.110.3 I’d love to hear more about it!

5 Likes
Spam Text Messages with Spoofed Email Address
104

Hi John, thanks for all your work. I never had any spam problems, my website is really tiny.

However, just an heads up. I received this morning a signup that looks kinda suspicious, from an email with a “samintro.com” domain. I looked online and seems like a spam domain, but not really sure. I recently updated to 5.111.0.

106

Here is a full list for anyone looking for it:

edny.net
email.uscc.net
fido.ca
mailmymobile.net
messaging.sprintpcs.com
mms.att.net
mms.cricketwireless.net
mms.uscc.net
msg.telus.com
myboostmobile.com
mymetropcs.com
pcs.rogers.com
pm.sprint.com
samintro.com
sms.cricketwireless.net
sms.myboostmobile.com
sms.sasktel.com
tmomail.net
txt.att.net
txt.bell.ca
txt.freedommobile.ca
vtext.com
vzwpix.com
107

a more complete list is published here @agam

4 Likes
108

+1 to adding mymetropcs.com to spam filters - I’m seeing this come in with recent spam accounts.

1 Like
109

Is this feature depreciated on ghost 6 ?

110

Nope. Still working from both the configuration as well as Settings > Spam Filter for me.

1 Like
111

Screenshot 2026-02-10 at 3.59.17 PM
Screenshot 2026-02-10 at 3.59.17 PM2254×1394 194 KB
The new spam filter option also cannot fix this issue. I have added all the listed domains in my spam filter list, But 2 of my ghost websites are still affected. They are not using any of these spam domains anymore they use actual existing domains and bypassing the ghost confirmation account email somehow, I feel like there is some security issue in the magic link provided by ghost.

Screenshot 2026-02-10 at 4.02.21 PM
Screenshot 2026-02-10 at 4.02.21 PM1884×958 65 KB

telegram-cloud-photo-size-5-6330016899743288678-y
telegram-cloud-photo-size-5-6330016899743288678-y1280×404 34.7 KB

telegram-cloud-photo-size-5-6077834093912592096-y
telegram-cloud-photo-size-5-6077834093912592096-y1213×543 51.4 KB

i am getting these replies to my auto emails also.

112

I am deleting more than 40 members per day. All signup sources are either the homepage or from a page of the same site. But the locations is a different country, I am 100% sure that this is spam signps according to the signup trend/audience i had in past 2 year. And these email replies (kindly check the above comment)to the automated emails confirms this. This needs to be prevented by better algorithm

1 Like
113

Do you self host?

Please check Observations about spam signups

2 Likes
114

Yes We self-host ghost sites, Thanks for these links. Waiting for ghost team to fix this in core.

115

Safe-listed Email Domains is a far superior approach, save mail api quota for legitimate users.
Please @Sag adopt this for release.