Article 11166 at 07/11/17 05:28:04 From: kenmarcus (at mark) precisionweb.net Subject: [coba-e:11166] Re: Contact.php email exploits

Index: [Article Count Order] [Thread]

Date:  Fri, 16 Nov 2007 12:27:54 -0800
From:  "Ken Marcus - Precision Web Hosting, Inc." <kenmarcus (at mark) precisionweb.net>
Subject:  [coba-e:11166] Re: Contact.php email exploits
To:  <coba-e (at mark) bluequartz.org>
Message-Id:  <00b501c8288f$2c4394c0$6700a8c0@OfficeKen>
References:  <02d301c82869$764ffd90$0101a8c0@systemax>
X-Mail-Count: 11166


----- Original Message ----- 
From: "Gerald Waugh" <gwaugh (at mark) frontstreetnetworks.com>
To: <coba-e (at mark) bluequartz.org>
Sent: Friday, November 16, 2007 7:57 AM
Subject: [coba-e:11163] Contact.php email exploits


> Hi Blues,
>
> We are seeing more spammers exploting the contact.php script.
> I guess they somehow use CC and BCC.
>
> I removed all contact.php and used mailto
> Anyone have a solution?
> I did find this;
> http://forums.deftechgroup.com/showthread.php?t=1021
>
> -
> Gerald Waugh
> http://frontstreetnetworks.com
> Front Street Networks
> 4604 Fern Ave
> Shreveport, LA 71105-3118
> V: 318-862-3575/3577
> F: 318-862-3576
>
>


Gerald

I think that they generally add a   /n  or  /r  to one of the fields to 
start a new line.
So you  could strip them out.


There is some info at:
http://www.thescripts.com/forum/thread162825.html




----
Ken Marcus
Ecommerce Web Hosting by
Precision Web Hosting, Inc.
http://www.precisionweb.net