Someone is using my Tell-a-friend form to spam others

         

hairycoo

10:07 pm on Feb 10, 2006 (gmt 0)

10+ Year Member



Hi,

I have a tell-to-friend php script on my site that sends me a copy of the message. I've noticed over the last 3 days at least 15 spam emails that appear to be sent from my domain abc@mydomain.com (abc is different for every message).

I'm not sure what to do now. Contact my host? Look for a php script with security? I've looked long enough for something simple, I imagine something like this I'll have big problems finding.

If anyone has any suggestions (of scripts as well), please let me know!

Thanks

Dijkgraaf

10:21 pm on Feb 10, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I'd remove the tell-a-friend form, they can be abused too easily.
I would only allow this type of form for a registered and confirmed member who is logged in.

mifi601

10:29 pm on Feb 10, 2006 (gmt 0)

10+ Year Member



Put a simple image there with a code and ask users to enter it. It does not have to be generated or anything like that. It will keep all the automated scripts that target pages like yours out.

jatar_k

10:31 pm on Feb 10, 2006 (gmt 0)

WebmasterWorld Administrator 10+ Year Member



If you are searching for the image for your form, it is called CAPTCHA

[en.wikipedia.org...]

anax

10:31 pm on Feb 10, 2006 (gmt 0)

10+ Year Member



I've had two instances of this in the past week. I'm not a programmer at all, and have set up the tell-a-friend mostly with cutting and pasting, with minor adjustments. I have it set so only three "friends" can be referred at a time; the copy of the messages that go to me seem to be mostly blank. I hope there isn't more happening that I can't see. I'm using the "V-INE" package.

hairycoo

10:38 pm on Feb 10, 2006 (gmt 0)

10+ Year Member



Thanks... the image thing might work, I hope it's not too difficult to install since I'm not really a programmer.

Twisted Mind

7:08 am on Feb 13, 2006 (gmt 0)

10+ Year Member



Let the form log IP addresses :P You'll know who sent it and you can add some text like "IP addresses will be logged". If they still keep doing that, you can sue them..

zCat

7:42 am on Feb 13, 2006 (gmt 0)

10+ Year Member



Make sure the email addresses and any other lines apart from the message body are properly validated. If newlines can be inserted, spammers can use this to add extra headers (such as a string of CC:s) to the outgoing email and the mail server will happily accept them.

(Had this happen to me recently on an ancient feedback script on a site I look after, where the recipient address was fixed in the script).
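
The validation described in the post above, as an added example that is not part of the original thread or any poster's script: every value that ends up in a mail header is rejected if it contains a line break, and the address fields must each be a single valid address. The form field names (`friend_email`, `sender_email`, `message`) and the `SITE_FROM` address are assumptions.

```php
<?php
// Added example. Field names and SITE_FROM are assumptions, not from the thread.
const SITE_FROM = 'noreply@example.com';

// True only if the value cannot start a new header line (no CR, LF or NUL).
function header_safe(string $value): bool
{
    return preg_match('/[\r\n\0]/', $value) === 0;
}

// Return exactly one syntactically valid address, or null for anything else.
function clean_address($raw): ?string
{
    if (!is_string($raw) || !header_safe($raw)) {
        return null;
    }
    $addr = filter_var(trim($raw), FILTER_VALIDATE_EMAIL);
    return $addr === false ? null : $addr;
}

// Build the arguments for mail(); throws instead of sending on bad input.
function build_tell_a_friend(array $post): array
{
    $to      = clean_address($post['friend_email'] ?? null);
    $replyTo = clean_address($post['sender_email'] ?? null);
    if ($to === null || $replyTo === null) {
        throw new InvalidArgumentException('rejected: invalid address field');
    }
    // From and Subject are fixed; the visitor's address only appears in Reply-To.
    $headers = 'From: ' . SITE_FROM . "\r\n" . 'Reply-To: ' . $replyTo;
    $subject = 'A friend recommends this site';
    // The body may contain newlines; it is not part of the header block.
    $message = is_string($post['message'] ?? null) ? $post['message'] : '';
    return [$to, $subject, substr($message, 0, 1000), $headers];
}

// Constructed sample submissions: one normal, one with an injected Bcc line.
$samples = [
    ['friend_email' => 'friend@example.org', 'sender_email' => 'me@example.net', 'message' => "Hi\nLook at this."],
    ['friend_email' => 'friend@example.org', 'sender_email' => "me@example.net\r\nBcc: a@example.com, b@example.com", 'message' => 'x'],
];
foreach ($samples as $i => $post) {
    try {
        [$to, $subject, $body, $headers] = build_tell_a_friend($post);
        echo "sample $i accepted, headers:\n$headers\n";
        // mail($to, $subject, $body, $headers); // send only after validation
    } catch (InvalidArgumentException $e) {
        echo "sample $i ", $e->getMessage(), "\n";
    }
}
```

Keeping `From:` and the subject fixed in the script leaves only two visitor-controlled values in the header block, and both pass through `clean_address()` before use.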

hairycoo

7:48 am on Feb 13, 2006 (gmt 0)

10+ Year Member



I've removed the script for the time being but yes, that's exactly what the spammer did... it added a bunch of aol addresses in a BCC field. Some emails also had an attachment.