
email contact form a security risk?

is somebody trying to use my form for evil (spam)?

         

fwordboy

9:08 pm on Jul 26, 2005 (gmt 0)

10+ Year Member



Today I got several emails that had been sent via the email form on my website's contact form, one of which had the following subject line:

zzolzohj@mywebsite.com Content-Type: multipart/mixed; boundary="===============0709431628==" MIME-Version: 1.0 Subject: e8f8c1c4 To: zzolzohj@mywebsite.com bcc: someone@aol.com From: zzolzohj@mywebsite.com This is a multi-part message in MIME format. --===============0709431628== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit mrarh --===============0709431628==--

there were other emails where someone had typed random letters eg. zzolhzoj@mywebsite.com as their subject, email address and message.

What's going on, is someone trying to hack me and if so how can I prevent it? I'm using PHP btw.

[edited by: jatar_k at 9:13 pm (utc) on July 26, 2005]
[edit reason] generalized aol email [/edit]

jatar_k

9:16 pm on Jul 26, 2005 (gmt 0)

WebmasterWorld Administrator 10+ Year Member



whether your email form even can be used for evil spam (hehe ;)) would depend on what it allows people to do.

Does it just submit to you?
Was that email just a bounce from a bad address?

people do have a tendency to test email forms and just submit junk to see how it works and where things go.

fwordboy

9:29 am on Jul 27, 2005 (gmt 0)

10+ Year Member



As far as I can ascertain, the email just went to me. In the subject line there is a mention of a BCC: to someone@aol.com. I changed that email address to another of my own to see if it would get through, and it didn't.

bnhall

10:19 am on Jul 27, 2005 (gmt 0)

10+ Year Member



anyone have any suggestions on an easy way to stop this?

jatar_k

5:05 pm on Jul 27, 2005 (gmt 0)

WebmasterWorld Administrator 10+ Year Member



if it is only going to you then it shouldn't really matter, just annoying

you could look at the mail calls in the script itself to see if there is any possibility of abuse with the ways it's coded right now.
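
An added example of what that review of the mail call could lead to (not code from anyone in this thread): a PHP contact-form handler that refuses any header-bound field containing a line break, so a submitted subject like the one quoted above cannot smuggle extra headers such as bcc: into the message. It assumes PHP 7 or later, form fields named name, email, subject and message, and hypothetical recipient and sender addresses.

```php
<?php
// Added example, not from the thread. Hardened contact-form handler.
// FORM_TO and FORM_FROM are hypothetical placeholder addresses.
const FORM_TO   = 'webmaster@example.com';    // hypothetical recipient
const FORM_FROM = 'contact-form@example.com'; // fixed sender, never user-supplied

/**
 * True if a value is safe to place in a mail header: one line, with no
 * CR, LF or NUL. A line break would end the header and let the rest of
 * the value become new headers (the "bcc:" / "Content-Type:" text that
 * appeared in the subject line quoted earlier in this thread).
 */
function isSingleHeaderLine(string $value): bool
{
    return preg_match('/[\r\n\0]/', $value) !== 1;
}

function handleContactForm(array $post): string
{
    $name    = trim((string)($post['name'] ?? ''));
    $email   = trim((string)($post['email'] ?? ''));
    $subject = trim((string)($post['subject'] ?? ''));
    $message = (string)($post['message'] ?? '');

    // Fields that end up in headers must be single lines; the body may not be.
    foreach (['name' => $name, 'email' => $email, 'subject' => $subject] as $field => $value) {
        if (!isSingleHeaderLine($value)) {
            // Log it: a newline here is an injection attempt, not a typo.
            error_log("contact form: line break in '$field' from " . ($_SERVER['REMOTE_ADDR'] ?? '?'));
            return 'Invalid input.';
        }
    }
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return 'Invalid email address.';
    }
    $subject = substr($subject, 0, 100); // keep the subject short

    // The visitor's address goes in Reply-To and the body, never in From:.
    $headers = 'From: ' . FORM_FROM . "\r\n"
             . 'Reply-To: ' . $email . "\r\n"
             . "Content-Type: text/plain; charset=us-ascii\r\n";
    $body = "Name: $name\nEmail: $email\n\n" . $message;

    return mail(FORM_TO, 'Contact form: ' . $subject, $body, $headers) ? 'Sent.' : 'Mail error.';
}

echo handleContactForm($_POST);
```

The error_log line gives you a record of attempts like the one in the first post, so you can tell probing from ordinary junk submissions.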

Rosalind

5:19 pm on Jul 27, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I got the same sort of thing on one of my contact forms today. I checked, and the AOL address was invalid, so it wasn't going anywhere. Either it was shut down very quickly, or the spammer was not planning to get a reply.

I think this is a variation on the search for formmail.pl. Most webmasters are wise to that and use the updated version, if any. But there could still be a lot of insecure contact forms out there, so I expect to see more of the same.