Re: Porno spam using form submissions
by "Angel One" <angelone(at)angelonearth.net>
||Sun, 2 Dec 2001 00:07:25 -0500
I thought Matt's script allowed you to block other I.P.'s with this line
# @referers allows forms to be located only on servers which are defined
# in this field. This security fix from the last version which allowed
# anyone on any server to use your FormMail script on their web site.
@referers = ('domainname.com','yourI.P.number');
Dosen't that keep others from using your script?
~ Paul Angel
Should you need a domain name registered I highly recomend DirectNIC.
It's just $15 per year with several perks and great service!
----- Original Message -----
From: "Charles A Upsdell" <cupsdell(at)upsdell.com>
Cc: "doonavitch" <ddoonan1(at)nycap.rr.com>
Sent: Saturday, December 01, 2001 1:20 PM
Subject: Re: Porno spam using form submissions
> Someone hijacked my formmail procedure earlier in 2001: it went on for
> months before I discovered it was happening. I was using the latest
> version of Matt's formmail. What I finally did to stop it was to rename
> the formmail procedure: the spammers are clearly searching for
> procedures to hijack, so renaming the procedure can be effective.
> At 06:36 AM 12/01/01, you wrote:
> >A couple of porno-related pieces of spam arrived yesterday. Both were
> >as being the result of form submissions. The first one I simply deleted.
> >second one was submitted from a site called Karina@Wantsto@@@@.com
> >Looking at the html source, the second email actually came from a
> >auto parts business. It appears that someone either has hacked their
> >servers, or is using a form submission on their site to redirect.
> >Considering that many of my sites are using form submissions to gather
> >information, what can I do to make sure that no one is using them to send
> >out spam using my server?
> Chuck Upsdell
> Email: cupsdell(at)upsdell.com
> Website: http://www.upsdell.com/
HWG hwg-techniques mailing list archives,
maintained by Webmasters @ IWA