Re: Porno spam using form submissions

by Charles A Upsdell <cupsdell(at)>

 Date:  Sat, 01 Dec 2001 13:20:17 -0500
 To:  hwg-techniques(at)
 Cc:  doonavitch <ddoonan1(at)>
 In-Reply-To:  rr
  todo: View Thread, Original
Someone hijacked my formmail procedure earlier in 2001:  it went on for two 
months before I discovered it was happening.  I was using the latest 
version of Matt's formmail.  What I finally did to stop it was to rename 
the formmail procedure:  the spammers are clearly searching for 
procedures to hijack, so renaming the procedure can be effective.

At 06:36 AM 12/01/01, you wrote:
>A couple of porno-related pieces of spam arrived yesterday. Both were listed
>as being the result of form submissions. The first one I simply deleted. The
>second one was submitted from a site called
>Looking at the html source, the second email actually came from a legitimate
>auto parts business. It appears that someone either has hacked their
>servers, or is using a form submission on their site to redirect.
>Considering that many of my sites are using form submissions to gather
>information, what can I do to make sure that no one is using them to send
>out spam using my server?

Chuck Upsdell
Email:     cupsdell(at)

HWG hwg-techniques mailing list archives, maintained by Webmasters @ IWA