Re: [PHP] Be careful! Look at what this spammer did. (Thank you)

2005-08-18 Thread Ryan A
Hey, Funny, was following this thread and suddenly I got a few emails that were almost exactly in the same format... Anyway, I just want to send a thank you to whoever had the bright idea of replacing the @ with something else; it's a quick and easy method and should solve that problem (in tests it

Re: [PHP] Be careful! Look at what this spammer did.

2005-08-18 Thread Esteamedpw
Ironically, on AOL - all of my EMAIL accounts were spammed with "test" (subject message) emails... approximately 10 a day for about 5 days in a row - all of which had different account names - but the same messages. So, I have a feeling these are all connected with the hacked forms everyone's

Re: [PHP] Be careful! Look at what this spammer did.

2005-08-18 Thread Dotan Cohen
On 8/18/05, Cilliè <[EMAIL PROTECTED]> wrote: > >> Notice that their "hack" contains a BCC to "[EMAIL PROTECTED]". Perhaps > >> this is an email account set up by the "hacker". > > > > sorry, i'm a bit in the dark here. how did they manage to fill in bcc ? > > you mean > > that someone can spam fr

Re: [PHP] Be careful! Look at what this spammer did.

2005-08-18 Thread Alex Gemmell
Dotan Cohen wrote: It looks like you got hit with the same thing that I did. Are you recording IP addresses? Yep - The bunch of emails all came from the same IP address: 62.245.167.6 There was no browser/user agent given so it's clearly some sort of spider/net trawling software. -- PHP Gene

Re: [PHP] Be careful! Look at what this spammer did.

2005-08-18 Thread Alex Gemmell
Cilliè wrote: - Original Message - From: "Alex Gemmell" <[EMAIL PROTECTED]> To: Sent: Thursday, August 18, 2005 12:11 PM Subject: Re: [PHP] Be careful! Look at what this spammer did. Notice that their "hack" contains a BCC to "[EMAIL PROTECTED]"

Re: [PHP] Be careful! Look at what this spammer did.

2005-08-18 Thread Dotan Cohen
On 8/18/05, Cilliè <[EMAIL PROTECTED]> wrote: > sorry, i'm a bit in the dark here. how did they manage to fill in bcc ? you > mean > that someone can spam from your site by bcc'ing messages to other mail > accounts ? > They are spoofing headers, so that the mailing agent thinks that there are two

Re: [PHP] Be careful! Look at what this spammer did.

2005-08-18 Thread Cilliè
- Original Message - From: "Cilliè" <[EMAIL PROTECTED]> To: Sent: Thursday, August 18, 2005 12:42 PM Subject: Re: [PHP] Be careful! Look at what this spammer did. - Original Message - From: "Alex Gemmell" <[EMAIL PROTECTED]> To: Sent: Th

Re: [PHP] Be careful! Look at what this spammer did.

2005-08-18 Thread Dotan Cohen
On 8/18/05, Alex Gemmell <[EMAIL PROTECTED]> wrote: > My website form also appeared to get "hacked" (I'm using that term very > loosely), although I have no idea if anything actually got hacked. It > definitely seems like an automated script that crawls the net probing > every form. > > It trigge

Re: [PHP] Be careful! Look at what this spammer did.

2005-08-18 Thread Cilliè
- Original Message - From: "Alex Gemmell" <[EMAIL PROTECTED]> To: Sent: Thursday, August 18, 2005 12:11 PM Subject: Re: [PHP] Be careful! Look at what this spammer did. Notice that their "hack" contains a BCC to "[EMAIL PROTECTED]". Perhaps th

Re: [PHP] Be careful! Look at what this spammer did.

2005-08-18 Thread Alex Gemmell
My website form also appeared to get "hacked" (I'm using that term very loosely), although I have no idea if anything actually got hacked. It definitely seems like an automated script that crawls the net probing every form. It triggered a bunch of emails to me but nothing that I wouldn't have

Re: [PHP] Be careful! Look at what this spammer did.

2005-08-18 Thread Dotan Cohen
On 8/18/05, Richard Lynch <[EMAIL PROTECTED]> wrote: > On Mon, August 15, 2005 4:57 pm, Dotan Cohen wrote: > > I have a form that my visitors can email me from. Some jerk is trying > > to fool the mail() function into sending his spam, and I got this > > today: > > Put a CAPTCHA on the form. > >

Re: [PHP] Be careful! Look at what this spammer did.

2005-08-18 Thread Richard Lynch
On Mon, August 15, 2005 4:57 pm, Dotan Cohen wrote: > I have a form that my visitors can email me from. Some jerk is trying > to fool the mail() function into sending his spam, and I got this > today: Put a CAPTCHA on the form. The jerk is probably not actually using your form, but a script that

Re: [PHP] Be careful! Look at what this spammer did.

2005-08-17 Thread Esteamedpw
In a message dated 8/17/2005 1:17:54 P.M. Central Standard Time, [EMAIL PROTECTED] writes: >I tend to agree on things like this. If it's a generic problem then I >think it does everyone some good to discuss it in the open. Although I >can see the point of not discussing specific problems

Re: [PHP] Be careful! Look at what this spammer did.

2005-08-17 Thread Edward Vermillion
I believe that sendmail would send the two emails. How could it know that the headers are not part of a new message? I haven't tested it yet, but to be on the safe side I put up some filters that check for certain content in the form. If the content is there, then nothing gets sent to mail(). Just

Re: [PHP] Be careful! Look at what this spammer did.

2005-08-17 Thread Dotan Cohen
On 8/17/05, Greg Schnippel <[EMAIL PROTECTED]> wrote: > > I'll reply soon off list, as I don't think it appropriate to give > > potential spammers an archive full of new tricks. > > I don't know -- I think it's always better to discuss this in the open > if there is a real security risk that people

Re: [PHP] Be careful! Look at what this spammer did.

2005-08-17 Thread Edward Vermillion
Greg Schnippel wrote: I'll reply soon off list, as I don't think it appropriate to give potential spammers an archive full of new tricks. I don't know -- I think it's always better to discuss this in the open if there is a real security risk that people should be aware of. I tend to agree on

Re: [PHP] Be careful! Look at what this spammer did.

2005-08-17 Thread Greg Schnippel
> I'll reply soon off list, as I don't think it appropriate to give > potential spammers an archive full of new tricks. I don't know -- I think it's always better to discuss this in the open if there is a real security risk that people should be aware of. A couple days after your posting to PHP-Ge

Re: [PHP] Be careful! Look at what this spammer did.

2005-08-17 Thread Dotan Cohen
On 8/17/05, Rory Browne <[EMAIL PROTECTED]> wrote: > Can you explain exactly what he tried to do? I should probably be able > to figure this out, but I'm not feeling too well today. > > He modded his message to put different email addresses into the > message field using mime headers? > I'll rep

Re: [PHP] Be careful! Look at what this spammer did.

2005-08-17 Thread Rory Browne
Can you explain exactly what he tried to do? I should probably be able to figure this out, but I'm not feeling too well today. He modded his message to put different email addresses into the message field using mime headers? On 8/16/05, Dotan Cohen <[EMAIL PROTECTED]> wrote: > I have a form that

Re: [PHP] Be careful! Look at what this spammer did.

2005-08-15 Thread Esteamedpw
Yeah, I had this happen to me a while back... glad some of the biggest have been caught lately =) << Original Message I have a form that my visitors can email me from. Some jerk is trying to fool the mail() function into sending his spam, and I got this today: [EM

[PHP] Be careful! Look at what this spammer did.

2005-08-15 Thread Dotan Cohen
I have a form that my visitors can email me from. Some jerk is trying to fool the mail() function into sending his spam, and I got this today: [EMAIL PROTECTED] Content-Type: multipart/mixed; boundary=\"===0110030565==\" MIME-Version: 1.0 Subject: 7510b460 To: [EMAIL PROTECTED] bcc: [E