Re: Formmail and spam attack
by Greg Hart <ghhart(at)earthlink.net>
Date: Tue, 22 Oct 2002 14:55:27 -0400
To: hwg-techniques(at)mail.hwg.org
In-Reply-To: rr

At 11:33 AM 10/22/2002 -0700, you wrote:
>This weekend I made the unpleasant discovery that a spammer was
>apparently using a formmail script on my client's site to send out porno
>spam. Thousands of messages went out, all with my client's return
>address.
>
>The tech folks at the hosting company said spammers can exploit a
>weakness in formmail to launch their email. They recommended upgrading my
>version (I had 1.9 and I found 1.92 at Matt's Script Archive).
>
>Has this happened to anyone here? Is the recommendation I received
>sufficient or are there other steps I should take?

The newer versions of Formmail only allow emails to be sent if you have
those domains listed inside the script... however, both 1.9 and 1.92 have
this, so I'm not sure if there was another flaw in 1.9 or not, or maybe the
hosting company was using the typical "upgrade to fix it" excuse. I know
I've tested forms before and had forgotten to put the test email domain in
the script, making it unhappy, so that part of the security seems to work,
and that was using version 1.9. I'd like to find out myself if there's a
problem we need to watch for.
- Greg Hart
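
The kind of recipient-domain allow-list check the reply describes, as an added example that is not part of the original message and is not FormMail's own code. The names `@allowed_domains` and `recipients_allowed` and all sample addresses are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical allow-list; FormMail's own variable names and matching
# rules are not shown in this thread.
my @allowed_domains = ('example.com', 'mail.example.org');

# Return 1 only if every address in the submitted recipient field
# belongs to an allowed domain; return 0 otherwise.
sub recipients_allowed {
    my ($field) = @_;
    return 0 unless defined $field && length $field;

    # CR, LF or NUL inside a header value would let a submitter add
    # extra headers or recipients, so refuse the whole field.
    return 0 if $field =~ /[\r\n\0]/;

    # A form may submit several addresses separated by commas.
    # Limit -1 keeps empty trailing fields so "a@x," is refused too.
    my @addresses = split /\s*,\s*/, $field, -1;

    for my $addr (@addresses) {
        # One "@", a conservative local part, nothing after the domain.
        my ($domain) = $addr =~ /\A[A-Za-z0-9_.+-]+\@([A-Za-z0-9.-]+)\z/
            or return 0;
        # Compare the whole domain, case-insensitively. A substring or
        # unanchored match would accept "example.com.elsewhere.test".
        return 0 unless grep { lc($domain) eq lc($_) } @allowed_domains;
    }
    return 1;
}

# Constructed sample inputs, not taken from any real log.
my @samples = (
    'webmaster@example.com',
    'a@example.com, b@mail.example.org',
    'someone@elsewhere.test',
    'a@example.com,someone@elsewhere.test',
    'a@example.com.elsewhere.test',
    "a\@example.com\nBcc: someone\@elsewhere.test",
);
for my $s (@samples) {
    (my $shown = $s) =~ s/\n/\\n/g;
    printf "%-48s %s\n", $shown, recipients_allowed($s) ? 'send' : 'refuse';
}
```

The check has to run on the exact string that is later handed to the mail program; validating one copy of the field and sending another defeats it.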
HWG hwg-techniques mailing list archives,
maintained by Webmasters @ IWA