Mouse Posted May 1, 2006 Share Posted May 1, 2006 hi all...i have just found that a simple mail form i had on my testing site has been used to send spam... so two questions1... how do they use my form to spam other people?2... how do i stop the buggers?GRRRRRRRRrrrrrrrrr!!!!!!!!!!!!!!!!11Mouse Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted May 1, 2006 Share Posted May 1, 2006 Take a look at these articles at the [a href=\"http://www.nyphp.org/index.php\" target=\"_blank\"]NYC PHP User's Group[/a] web site:[list][*][a href=\"http://www.nyphp.org/phundamentals/spoofed_submission.php\" target=\"_blank\"]Spoofed Form Submissions[/a][*][a href=\"http://www.nyphp.org/phundamentals/email_header_injection.php\" target=\"_blank\"]Email Header Injection Exploit[/a][/list]Ken Quote Link to comment Share on other sites More sharing options...
Mouse Posted May 1, 2006 Author Share Posted May 1, 2006 [!--quoteo(post=370309:date=May 1 2006, 05:31 PM:name=kenrbnsn)--][div class=\'quotetop\']QUOTE(kenrbnsn @ May 1 2006, 05:31 PM) [snapback]370309[/snapback][/div][div class=\'quotemain\'][!--quotec--]Take a look at these articles at the [a href=\"http://www.nyphp.org/index.php\" target=\"_blank\"]NYC PHP User's Group[/a] web site:[list][*][a href=\"http://www.nyphp.org/phundamentals/spoofed_submission.php\" target=\"_blank\"]Spoofed Form Submissions[/a][*][a href=\"http://www.nyphp.org/phundamentals/email_header_injection.php\" target=\"_blank\"]Email Header Injection Exploit[/a][/list]Ken[/quote]makes for a scarey read... i think i'm going to have to reevaluate my mail functions.has anyone found a solution? would it be feasable to add a limit to how many mails were sent by each IP or email address?Mouse Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.