amatuer

Receiving weird spam emails


Hi All,

I've got a simple contact form which sends me an email after you have filled in the required fields & clicked on submit. I need to know why I'm receiving all these weird anonymous random emails because of the sendmail.php file. Originally the email address was my domain's email address but changed it to my webmail email address (gmail), which didn't help at all. The file works but I don't understand why I'm getting spammed.

[code]<?

$SendTo = "myname@gmail.com";
$ThanksURL = "thankyou.htm"; //confirmation page
$SubjectLine = " Website Feedback";
$name = $_POST['name'] ;
$email = $_POST['email'] ;
$telephone = $_POST['telephone'] ;
$enquiry = $_POST['enquiry'] ;
$http_referrer = getenv( "HTTP_REFERER" );
$Divider = "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~";

// Build Message Body from Web Form Input
$MsgBody = @gethostbyaddr($_SERVER["REMOTE_ADDR"]) . "\n$Divider\n";

$MsgBody =
"This message was sent from:\n" .
"$http_referrer\n" .
"--------------------------------------------------\n\n" .
"Name: $name\n" .
"Email: $email\n" .
"Telephone Number: $telephone\n" .
"------------------------- ENQUIRY -------------------------\n\n" .
$enquiry .
"\n\n------------------------------------------------------------\n" ;

mail($SendTo, $SubjectLine, $MsgBody, "From: \"$name\"myname@gmail.com\r\nReply-To: \"$name\" <$email>\r\nX-Mailer: chfeedback.php 2.04" );
header("Location: $ThanksURL");

?>
[/code]

These are some of the emails I'm receiving.

RECENT EMAIL 1
This message was sent from:

--------------------------------------------------

Name: ilivates4705@com.au
Email: ilivates4705@com.au
Telephone Number: ilivates4705@com.au
------------------------- ENQUIRY -------------------------

with
Content-Type: multipart/alternative; boundary=bc65d5dab9856a856f99e14116f65508
MIME-Version: 1.0
Subject: with machurer charms, a knowledge
bcc: bajfla1@aol.com

This is a multi-part message in MIME format.

--bc65d5dab9856a856f99e14116f65508
Content-Type: text/plain; charset=\"us-ascii\"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit

minute and tear one another s eyes out in the kitchen if you like. n with you. he two men seize the two women, and push them, still violently abusing one another
--bc65d5dab9856a856f99e14116f65508--

.


------------------------------------------------------------

RECENT MAIL 2

This message was sent from:

--------------------------------------------------

Name: was9375@com.au
Email: was9375@com.au
Telephone Number: was9375@com.au
------------------------- ENQUIRY -------------------------

was9375@com.au

------------------------------------------------------------


If someone knows why or has any suggestions pls pls reply. Cheers

please read this article:

http://www.nyphp.org/phundamentals/email_header_injection.php

I don't see how they should get your email, but I do have to note your form is sensitive to email-injection. See this thread: http://www.phpfreaks.com/forums/index.php?showtopic=93206

Oops 30 sec too late I see :laugh:

Oooooow I see..... bloody botnets!!! rrr

I'll have a proper read of the article then add the required script and see how I go. Thanks for quick reply you guys are awesome. :wink:

[code]if ($_SERVER['HTTP_REFERER'] == $our_address) {

    // Checks if the post is from our domain
    // the mail code here

}
[/code]

Will this help...?
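
The check that the linked article and the email-injection reply point to, as an added example that is not part of the original thread: any value that reaches the mail() headers is rejected if it contains CR/LF, and the reply address must validate. The function names and sample submissions are assumptions; a Referer comparison would not do this job, because that header is supplied by the client.

```php
<?php
// Added example, not the poster's code: a hardened variant of sendmail.php.
// Function names are hypothetical; the addresses in the samples are constructed.

// Read one POST field as a trimmed string (array-valued fields become '').
function field(array $post, string $key): string
{
    $v = $post[$key] ?? '';
    return is_string($v) ? trim($v) : '';
}

// Returns [to, subject, body, headers] for mail(), or null if rejected.
function build_feedback_mail(array $post): ?array
{
    $name    = field($post, 'name');
    $email   = field($post, 'email');
    $phone   = field($post, 'telephone');
    $enquiry = field($post, 'enquiry');

    // Values placed in headers must be one line: CR/LF would start a new header.
    if (preg_match('/[\r\n\0]/', $name . $email)) {
        return null;
    }
    // Reply-To must be a single syntactically valid address.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    // Body text cannot add headers, but MIME header lines there mark the
    // automated probes quoted in the thread, so drop those submissions too.
    if (preg_match('/^\s*(content-type|mime-version|bcc):/mi', "$phone\n$enquiry")) {
        return null;
    }
    // Remove characters that would break out of the quoted display name.
    $safeName = str_replace(['"', '\\', '<', '>'], '', $name);

    $headers = "From: Website Feedback <myname@gmail.com>\r\n"
             . "Reply-To: \"$safeName\" <$email>";
    $body = "Name: $name\nEmail: $email\nTelephone Number: $phone\n\n$enquiry\n";
    return ['myname@gmail.com', 'Website Feedback', $body, $headers];
}

// Constructed submissions: one ordinary, one shaped like the spam in the thread.
$ok  = ['name' => 'Jane', 'email' => 'jane@example.org', 'telephone' => '555 0100', 'enquiry' => 'Hello'];
$bad = ['name' => 'x@example.org', 'email' => "x@example.org\r\nbcc: y@example.net", 'telephone' => '',
        'enquiry' => "with\nContent-Type: multipart/alternative\nbcc: y@example.net"];
var_dump(build_feedback_mail($ok) !== null, build_feedback_mail($bad) === null);
// In the handler itself: if ($m = build_feedback_mail($_POST)) { mail(...$m); }
```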
