Jump to content


Photo

Spam proof mail form


  • Please log in to reply
2 replies to this topic

#1 Mouse

Mouse
  • Members
  • PipPipPip
  • Advanced Member
  • 95 posts
  • LocationToo Close to LONDON

Posted 01 May 2006 - 03:36 PM

hi all...

i have just found that a simple mail form i had on my testing site has been used to send spam... so two questions

1... how do they use my form to spam other people?

2... how do i stop the buggers?

GRRRRRRRRrrrrrrrrr!!!!!!!!!!!!!!!!11

Mouse

#2 kenrbnsn

kenrbnsn
  • Staff Alumni
  • Advanced Member
  • 8,235 posts
  • LocationHillsborough, NJ, USA

Posted 01 May 2006 - 04:31 PM

Take a look at these articles at the [a href=\"http://www.nyphp.org/index.php\" target=\"_blank\"]NYC PHP User's Group[/a] web site:
  • [a href=\"http://www.nyphp.org/phundamentals/spoofed_submission.php\" target=\"_blank\"]Spoofed Form Submissions[/a]
  • [a href=\"http://www.nyphp.org/phundamentals/email_header_injection.php\" target=\"_blank\"]Email Header Injection Exploit[/a]
Ken

#3 Mouse

Mouse
  • Members
  • PipPipPip
  • Advanced Member
  • 95 posts
  • LocationToo Close to LONDON

Posted 01 May 2006 - 06:17 PM

[!--quoteo(post=370309:date=May 1 2006, 05:31 PM:name=kenrbnsn)--][div class=\'quotetop\']QUOTE(kenrbnsn @ May 1 2006, 05:31 PM) View Post[/div][div class=\'quotemain\'][!--quotec--]
Take a look at these articles at the [a href=\"http://www.nyphp.org/index.php\" target=\"_blank\"]NYC PHP User's Group[/a] web site:
  • [a href=\"http://www.nyphp.org/phundamentals/spoofed_submission.php\" target=\"_blank\"]Spoofed Form Submissions[/a]
  • [a href=\"http://www.nyphp.org/phundamentals/email_header_injection.php\" target=\"_blank\"]Email Header Injection Exploit[/a]
Ken
[/quote]
makes for a scarey read... i think i'm going to have to reevaluate my mail functions.

has anyone found a solution? would it be feasable to add a limit to how many mails were sent by each IP or email address?

Mouse




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users