hwg-techniques archives Dec 2001 new search results previous next

Re: Porno spam using form submissions

by "Angel One" <angelone(at)angelonearth.net>

 Date:  Sun, 2 Dec 2001 00:07:25 -0500
 To:  <hwg-techniques(at)hwg.org>
 References:  upsdell
  todo: View Thread, Original 
    Hi All,
    I thought Matt's script allowed you to block other I.P.'s with this line
of code:
# @referers allows forms to be located only on servers which are defined
#
# in this field.  This security fix from the last version which allowed
#
# anyone on any server to use your FormMail script on their web site.
#

@referers = ('domainname.com','yourI.P.number');

Dosen't that keep others from using your script?

~       Paul Angel

http://valuewebinc.com
http://v-firms.com
http://webcomnow.com
http://sitesense.com
http://DigitalRescue.org

Should you need a domain name registered I highly recomend  DirectNIC.
 http://www.directnic.com/?5204
It's just $15 per year with several perks and great service!


----- Original Message -----
From: "Charles A Upsdell" <cupsdell(at)upsdell.com>
To: <hwg-techniques(at)hwg.org>
Cc: "doonavitch" <ddoonan1(at)nycap.rr.com>
Sent: Saturday, December 01, 2001 1:20 PM
Subject: Re: Porno spam using form submissions


> Someone hijacked my formmail procedure earlier in 2001:  it went on for
two
> months before I discovered it was happening.  I was using the latest
> version of Matt's formmail.  What I finally did to stop it was to rename
> the formmail procedure:  the spammers are clearly searching for
formmail.pl
> procedures to hijack, so renaming the procedure can be effective.
>
> At 06:36 AM 12/01/01, you wrote:
> >A couple of porno-related pieces of spam arrived yesterday. Both were
listed
> >as being the result of form submissions. The first one I simply deleted.
The
> >second one was submitted from a site called Karina@Wantsto@@@@.com
> >
> >Looking at the html source, the second email actually came from a
legitimate
> >auto parts business. It appears that someone either has hacked their
> >servers, or is using a form submission on their site to redirect.
> >
> >Considering that many of my sites are using form submissions to gather
> >information, what can I do to make sure that no one is using them to send
> >out spam using my server?
> >
> >David
>
> -
> Chuck Upsdell
> Email:     cupsdell(at)upsdell.com
> Website:   http://www.upsdell.com/
>
>
>

HWG hwg-techniques mailing list archives, maintained by Webmasters @ IWA