Using my website to spam email

someone trying to send mail using my form.pl script

james gulliver

10:09 am on Nov 13, 2002 (gmt 0)

Someone is trying to send emails from my website by sending requests to /cgi-bin/formail.pl.

They are sending some variables and then modifying the request slightly to try and pick up the mail processing file, e.g. /cgi-bin/formail.cgi

The emails are trying to be sent to a list of recipients. I assume the spammer is monitoring one of these email boxes and when he gets a result he will send thousands of requests to my site.

What should I do about this?

If anybody wants to see the requests I will stickymail them.

gsx

10:17 am on Nov 13, 2002 (gmt 0)

Edit the formmail file.

1) Change the filename to something other than the default (and all references to it)

2) You can change the parameter names if you understand a bit about Perl

3) If you can program in Perl, you can set the 'email' variable to a fixed value and ignore any requests to anything other than that. (You could use a secondary parameter with a different name for the real email address).

4) Again, if you can program in Perl, you can log the last 10 or twenty IP addresses and if they are hammering your server, exit Perl early.

5) If you only use the script to send mail to yourself, you can hard code the email address into the Perl source instead of being sent by parameter.
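Points 3 to 5 above can be combined as in the following sketch, which is an added example and not code from the thread or from any FormMail distribution. The recipient keys, addresses, thresholds and sample requests are all constructed assumptions.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Assumed names and addresses, constructed for this example.
my %RECIPIENTS = (
    sales   => 'sales@example.com',
    support => 'support@example.com',
);
my $HISTORY  = 20;   # how many recent client IPs to remember
my $MAX_HITS = 5;    # hits allowed from one IP within that history
my @last_ips;        # a real CGI would keep this in a locked file: each request is a new process

# Points 3 and 5: the form submits a short key; the address never comes from the request.
sub resolve_recipient {
    my ($key) = @_;
    return unless defined $key && exists $RECIPIENTS{$key};
    return $RECIPIENTS{$key};
}

# Point 4: record the caller and report whether it dominates the recent history.
sub is_hammering {
    my ($ip) = @_;
    push @last_ips, $ip;
    shift @last_ips while @last_ips > $HISTORY;
    my $hits = grep { $_ eq $ip } @last_ips;
    return $hits > $MAX_HITS;
}

# Decide what to do with one request before any mail is composed.
sub handle_request {
    my ($ip, $to) = @_;
    return 'dropped: too many recent requests' if is_hammering($ip);
    my $rcpt = resolve_recipient($to);
    return 'rejected: unknown recipient key' unless defined $rcpt;
    return "accepted for $rcpt";
}

# Constructed sample requests (documentation IP ranges and domains).
my @requests = (
    [ '192.0.2.10',   'support' ],
    [ '198.51.100.7', 'someone@mail.example' ],
    map { [ '198.51.100.7', 'sales' ] } 1 .. 6,
);
printf "%-13s %-22s %s\n", @$_, handle_request(@$_) for @requests;
```

Because the address is looked up from a fixed table, a request that supplies its own recipient list has nothing to send to, whatever the script or parameter is called.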

piskie

10:19 am on Nov 13, 2002 (gmt 0)

Not my specialism, but sticky the requests to me and I will have a look.

Marcia

10:28 am on Nov 13, 2002 (gmt 0)

Use another script, or change the name. Two previous discussions on this:

[webmasterworld.com...]
[webmasterworld.com...]

Much more secure is nms-formmail:
[nms-cgi.sourceforge.net...]

james gulliver

10:34 am on Nov 13, 2002 (gmt 0)

I have had a lot of trouble with this and ended up using the PHP mail function. This initially worked for a while and then the spammers started parsing the relevant variable to the mail page to activate an email. I have now included another set of variables which has solved the problem.

What I really want to know is: should I still do something about this even though it doesn't affect me? Should I report the email addresses that are listed, and to the service provider? Or what?

It just annoys me every time I look at the filed request report.