Prevent email triggering from external source in ASP.Net Web Forms

Question

I'm using mailchimp bulk email subscription to send newsletter email to my customers. But, someone is using some mechanism to trigger emails from my website.

I'm getting bulk emails continuously one after another from my website.

Is there any way available to stop this hacking activity?

Becuase of this, my subscription is closing very soon as I'm using more emails per minute.

Here's my code:

protected void btnSubmit_Click(object sender, EventArgs e)  
{  
        //Fetching Settings from WEB.CONFIG file.  
        string emailSender = ConfigurationManager.AppSettings["emailsender"].ToString();  
        string emailSenderPassword = ConfigurationManager.AppSettings["password"].ToString();  
        string emailSenderHost = ConfigurationManager.AppSettings["smtpserver"].ToString();  
        int emailSenderPort = Convert.ToInt16(ConfigurationManager.AppSettings["portnumber"]);  
        Boolean emailIsSSL = Convert.ToBoolean(ConfigurationManager.AppSettings["IsSSL"]);  


        //Fetching Email Body Text from EmailTemplate File.  
        string FilePath = "D:\\MBK\\SendEmailByEmailTemplate\\EmailTemplates\\SignUp.html";  
        StreamReader str = new StreamReader(FilePath);  
        string MailText = str.ReadToEnd();  
        str.Close();  

        //Repalce [newusername] = signup user name   
        MailText = MailText.Replace("[newusername]", txtUserName.Text.Trim());  


        string subject = "Welcome to CSharpCorner.Com";  

        //Base class for sending email  
        MailMessage _mailmsg = new MailMessage();  

        //Make TRUE because our body text is html  
        _mailmsg.IsBodyHtml = true;  

        //Set From Email ID  
        _mailmsg.From = new MailAddress(emailSender);  

        //Set To Email ID  
        _mailmsg.To.Add(txtUserName.Text.ToString());  

        //Set Subject  
        _mailmsg.Subject = subject;  

        //Set Body Text of Email   
        _mailmsg.Body = MailText;  


        //Now set your SMTP   
        SmtpClient _smtp = new SmtpClient();  

        //Set HOST server SMTP detail  
        _smtp.Host = emailSenderHost;  

        //Set PORT number of SMTP  
        _smtp.Port = emailSenderPort;  

        //Set SSL --> True / False  
        _smtp.EnableSsl = emailIsSSL;  

        //Set Sender UserEmailID, Password  
        NetworkCredential _network = new NetworkCredential(emailSender, emailSenderPassword);  
        _smtp.Credentials = _network;  

        //Send Method will send your MailMessage create above.  
        _smtp.Send(_mailmsg);  



    }  
} 

Answer 1

You should have captcha on your form: https://www.google.com/recaptcha/intro/v3.html

Add a reference on your website to library/bin/Release/Recaptcha.dll: On the Visual Studio Website menu, choose Add Reference and then click the .NET tab in the dialog box. Select the Recaptcha.dll component from the list of .NET components and then click OK. If you don't see the component, click the Browse tab and look for the assembly file on your hard drive. Insert the reCAPTCHA control into the form you wish to protect by adding the following code snippets: At the top of the aspx page, insert this:

<%@ Register TagPrefix="recaptcha" Namespace="Recaptcha" Assembly="Recaptcha" %>

Then insert the reCAPTCHA control inside of the tag:

<recaptcha:RecaptchaControl
    ID="recaptcha"
    runat="server"
    PublicKey="your_public_key"
    PrivateKey="your_private_key"
    />

You will need to substitute your public and private key into PublicKey and PrivateKey respectively.

Make sure you use ASP.NET validation to validate your form (you should check Page.IsValid on submission).