Jump to content


Photo

My form being used to send SPAM?


  • Please log in to reply
4 replies to this topic

#1 purplemist2002

purplemist2002
  • New Members
  • Pip
  • Newbie
  • 2 posts

Posted 03 December 2005 - 02:11 AM

Someone sent me an email telling me that my contact form was being used to send SPAM, causing everyone the server to be blocked by AOL? What he said...
Your site seems to being used to send out spam mail. I will forward you the headers if you will give me a best address to do so. Please fix this as it is causing everyone on this server to have their mail blocked by AOL.
I'm a bit of a newbie so I'm not even sure if thats possible or if he's just spamming me! LOL I know forms can be used to send spam to the email address the form is supposed to send to, but can it be used to send spam elsewhere? I think thats what this guy is trying to say anyway.
I'm using a php script to send the mail. It's sort of long, I'll paste it if someone cares to see the actual script. I'm just wondering if it's possible the PHP script is doing what this guy says it's doing, and if it is, how do I stop it?

#2 jajtiii

jajtiii
  • Members
  • PipPipPip
  • Advanced Member
  • 43 posts

Posted 03 December 2005 - 04:23 AM

You would only need to post the portion of your script that sends the email. If you have hard coded the 'To' field to your email, then (to my knowledge) it is unlikely that this is the problem.

Someone may have hacked your site however.

Post the code and let's have a look.

#3 purplemist2002

purplemist2002
  • New Members
  • Pip
  • Newbie
  • 2 posts

Posted 03 December 2005 - 01:26 PM

<?php

$myemail = "misty@mistyr.com";
$ccx = "";
if(!$visitormail == "" && (!strstr($visitormail,"@") || !strstr($visitormail,".")))

Heh, I think I know what might be doing it. It has the option to carbon copy to the email entered. I should probably take that off, huh?

#4 kenrbnsn

kenrbnsn
  • Staff Alumni
  • Advanced Member
  • 8,235 posts
  • LocationHillsborough, NJ, USA

Posted 03 December 2005 - 02:59 PM

You got hit by the mail injection problem that surfaced last summer.

Please see the article on [a href=\"http://www.nyphp.org/phundamentals/email_header_injection.php\" target=\"_blank\"]Email Header Injection Exploit[/a] for ways to fix your script.

Ken

#5 pesty

pesty
  • Members
  • Pip
  • Newbie
  • 2 posts

Posted 19 March 2006 - 09:20 PM

I too have been hit by the botnet aka email header injection. I am in the process of changing my code on my forms. Unfortunately, I have several forms, all of which have been attacked.

Anyway, I just wanted to update you on the article that Ken provided a link to.

Toward the bottom of the article you'll find a list of aol names/addresses where your form is being bcc'd to. Here are more aol names/addresses to be on the lookout for.

Voiettag@aol.com
frekiforbes@aol.com
hollowiog1503@aol.com


Pesty




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users