kaled

msg:374316 | 9:25 am on Sep 24, 2005 (gmt 0)
Just a thought.... Might a competitor have spoofed the complaint? Does your site have a shared or a unique IP address? Kaled.
guarriman

msg:374317 | 9:40 am on Sep 24, 2005 (gmt 0)
> Just a thought.... Might a competitor have spoofed the complaint?

Yes, it might. But... is it possible? (I had no idea about spam and less about Spamhaus complaints till now.)

> Does your site have a shared or a unique IP address?

I share a server with more than 50 websites. Mmmm... why is my host so sure that I'm to blame? BTW, thank you very much Kaled for your answer.
georgeek

msg:374318 | 10:08 am on Sep 24, 2005 (gmt 0)
This is just one of the hazards of having a shared IP. How about talking to your hosting service and requesting a dedicated IP. For a few dollars you could be back up and running in a few hours and not have to worry about the problem happening again.
guarriman

msg:374319 | 10:23 am on Sep 24, 2005 (gmt 0)
Yes, georgeek, you're right. But the rest of the websites hosted on my server are not cancelled, and I'm the only one :( Any robust and reliable hosting service offering dedicated servers?
kaled

msg:374320 | 12:34 pm on Sep 24, 2005 (gmt 0)
If I were you, I'd tell them categorically to put your site back up. If the complaint is based on an IP address (and I believe this is how Spamhaus and others operate) there is no way to be certain that you are to blame. The most likely source of any spam from your IP address is a vulnerable mail script. Do you use form mail? If not then there is almost no way for the blame to be yours. Also, if you do use form mail and the script was provided by your host, if it has been hacked, it's their fault for providing a vulnerable script. Kaled.
guarriman

msg:374321 | 2:49 pm on Sep 24, 2005 (gmt 0)
I've got one simple email form which sends comments from my visitors:

email-form.html
-------------------
<form method=post action=send-mail.php>
Your email address:<br>
<input type="text" size="56" name="email">
<br>
Your name: <br>
<input type="text" size="56" name="name">
<br>
Text:<br>
<textarea name="text" rows=7 cols=60 wrap="off"></textarea>
<br>
<input type="Submit" value="Send">
</form>
---------

send-mail.php
-----------
$to = "myemail@mydomain.com";
$subject = "Sent Message";
$body = "Message Body \n";
$body = $body . "----------------------- \n";
$body = $body . $email . "\n";
$body = $body . "----------------------- \n";
$body = $body . $name . "\n";
$body = $body . "----------------------- \n";
$body = $body . $text . "\n";
$headers = "From: $email";
mail($to,$subject,$body,$headers);
-------------

Could this script be vulnerable?
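The same handler with the input checks a defender would put in front of mail(), as an added example that is not the poster's script: it assumes the same form fields (email, name, text), the same hard-coded $to, and PHP 7 or later. It shows why a fixed $to alone does not settle the question: $email is written straight into the header block, so a line break in that field would start a new header line, and the visitor's input therefore has to be validated and kept out of From:.

```php
<?php
// Added example, not the poster's script: send-mail.php with input checks.
// Assumes the same form fields (email, name, text), the same hard-coded $to,
// and PHP 7 or later (?? operator, typed parameters).

$to = 'myemail@mydomain.com';   // placeholder address, as in the original post

// A CR or LF inside a value that is interpolated into $headers ends the
// current header and begins a new one, so a visitor-controlled field could
// add header lines (recipients included) even though $to never changes.
function is_safe_header_value(string $value): bool
{
    return preg_match('/[\r\n\x00]/', $value) === 0;
}

// Read the fields explicitly from $_POST instead of relying on register_globals.
$email = trim($_POST['email'] ?? '');
$name  = trim($_POST['name']  ?? '');
$text  = $_POST['text'] ?? '';

// FILTER_VALIDATE_EMAIL already rejects embedded newlines; the explicit
// check above makes the reason visible and covers NUL bytes as well.
if (!is_safe_header_value($email)
    || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
    // Log the rejected submission (useful when answering an abuse report) and stop.
    error_log('send-mail.php: rejected email field from '
              . ($_SERVER['REMOTE_ADDR'] ?? 'unknown'));
    http_response_code(400);
    exit('Invalid email address.');
}

$subject = 'Sent Message';
$body    = "Message Body\n"
         . "-----------------------\n" . $email . "\n"
         . "-----------------------\n" . $name  . "\n"
         . "-----------------------\n" . $text  . "\n";

// Keep From: fixed to a mailbox on this domain (so the host's SPF record
// matches) and carry the visitor's validated address in Reply-To instead.
$headers = "From: webform@mydomain.com\r\n"     // placeholder sender
         . "Reply-To: " . $email . "\r\n";

mail($to, $subject, $body, $headers);
```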
saoi_jp

msg:374322 | 3:03 pm on Sep 24, 2005 (gmt 0)
It could be vulnerable. Depends on how the "send-mail.php" script gets "email" from the form. I hope this code is correct:

$to = $_POST['email'];

(See www.php.net and look up $_POST in the search.) Using $_POST gets the data from the form (you have method=post). If your script just says something like $to = $email; then it could get the address from the form, or from a URL. An automated script could access your script page through something like
http://www.example.com/send-mail.php?email=asdf@fdlkj.com

By the way, this is a neater way to write the $body, and a little more efficient than redoing $body each line:

$body = "Message Body \n"
      . "----------------------- \n" . $email . "\n"
      . "----------------------- \n" . $name . "\n"
      . "----------------------- \n" . $text . "\n";

[edited by: encyclo at 7:56 pm (utc) on Aug. 11, 2007]
guarriman

msg:374323 | 3:24 pm on Sep 24, 2005 (gmt 0)
Thank you saoi for your answer. The '$to' value is within the PHP code (it's always 'myemail@mydomain.com', and this is my mailbox where I receive the messages), and I only get these values from the form:

$email (email of the person sending the message)
$name (name of the person sending the message)
$text (contents of the message)

You're right that it's better using:

$email = $_POST['email'];
$name = $_POST['name'];
$text = $_POST['text'];

But if you spoof these values, you can't send spam to anybody, since you can't modify the '$to' value, am I right?
saoi_jp

msg:374324 | 3:40 pm on Sep 24, 2005 (gmt 0)
Ah, I see. $to is hard-coded within the script page itself.

> But if you spoof these values, you can't send spam to anybody, since you can't modify the '$to' value, am I right?

As far as I know, you're right, because $to is not coming from outside the script.