[Mimedefang] OT: Email web form exploits
Chris Gauch
cgauch at digicon.net
Mon Sep 5 22:21:18 EDT 2005
This is somewhat off-topic but does relate to spam/email as these Email web
form exploits seem to be yet another method that spammers have found to junk
up inboxes...
Just wanted to hear how others are being hit by this latest scam. As an ISP
that hosts hundreds of websites that use Email web forms, we have had lots
of forms come through with fake email addresses throughout the form (see the
article below for more info):
http://www.anders.com/cms/75/Crack.Attempt/Spam.Relay
Here's an example (shown on the website above) of what these "exploited" web
forms look like when sent via email from the web server:
-- snip --
comments[ejrkjfkn at nowhere.com]
andersUser[ejrkjfkn at nowhere.com]
redirectTo[ejrkjfkn at nowhere.com]
name[ejrkjfkn at nowhere.com]
page[ejrkjfkn at nowhere.com]
email[ejrkjfkn at anders.com
Content-Type: multipart/mixed;
boundary="===============1588588624=="
MIME-Version: 1.0
Subject: 40d7e77
To: ejrkjfkn at nowhere.com
bcc: killerhamster at punkass.com
From: ejrkjfkn at nowhere.com
This is a multi-part message in MIME format.
--===============1588588624==
Content-Type: text/plain;
charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
yyo
--===============1588588624==--
]
subject[ejrkjfkn at nowhere.com]
--/snip--
Just an FYI as I'm sure many others will or have already encountered this
annoying issue.
- Chris
------------------------------------------
Chris Gauch
Systems Administrator
Digicon Communications, Inc.
http://www.digiconcommunications.com
cgauch at digicon.net
More information about the MIMEDefang
mailing list