Jump to content

Recommended Posts

Someone sent me an email telling me that my contact form was being used to send SPAM, causing everyone the server to be blocked by AOL? What he said...

Your site seems to being used to send out spam mail. I will forward you the headers if you will give me a best address to do so. Please fix this as it is causing everyone on this server to have their mail blocked by AOL.

I'm a bit of a newbie so I'm not even sure if thats possible or if he's just spamming me! LOL I know forms can be used to send spam to the email address the form is supposed to send to, but can it be used to send spam elsewhere? I think thats what this guy is trying to say anyway.

I'm using a php script to send the mail. It's sort of long, I'll paste it if someone cares to see the actual script. I'm just wondering if it's possible the PHP script is doing what this guy says it's doing, and if it is, how do I stop it?

Link to comment
https://forums.phpfreaks.com/topic/2973-my-form-being-used-to-send-spam/
Share on other sites

You would only need to post the portion of your script that sends the email. If you have hard coded the 'To' field to your email, then (to my knowledge) it is unlikely that this is the problem.

 

Someone may have hacked your site however.

 

Post the code and let's have a look.

<?php

$myemail = "misty@mistyr.com";
$ccx = "";
if(!$visitormail == "" && (!strstr($visitormail,"@") || !strstr($visitormail,".")))

 

Heh, I think I know what might be doing it. It has the option to carbon copy to the email entered. I should probably take that off, huh?

You got hit by the mail injection problem that surfaced last summer.

 

Please see the article on [a href=\"http://www.nyphp.org/phundamentals/email_header_injection.php\" target=\"_blank\"]Email Header Injection Exploit[/a] for ways to fix your script.

 

Ken

  • 3 months later...

I too have been hit by the botnet aka email header injection. I am in the process of changing my code on my forms. Unfortunately, I have several forms, all of which have been attacked.

 

Anyway, I just wanted to update you on the article that Ken provided a link to.

 

Toward the bottom of the article you'll find a list of aol names/addresses where your form is being bcc'd to. Here are more aol names/addresses to be on the lookout for.

 

Voiettag@aol.com

frekiforbes@aol.com

hollowiog1503@aol.com

 

 

Pesty

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.