[Mimedefang] OT: Email web form exploits
Chris Gauch
cgauch at digicon.net
Fri Sep 9 13:58:56 EDT 2005
David Skoll wrote:
> Chris Gauch wrote:
>
> [Add fake fields to forms and reject if they're not blank.]
>
> Now THAT is clever. I like it!
>
> In fact, you might want to log the contents of the fields somewhere,
> because chances are they'll contain probe addresses that might
> be helpful for tracking down the spammers.
Yes, we are certainly doing that. We log the REFERER information including
remote IP addresses to a database and check it every so often (we're only
doing this on 1 or 2 forms that we developed in hopes of tracking down the
offenders). So far, most of the offending IPs point to Eastern Europe and
Asia...
- Chris
------------------------------------------
Chris Gauch
Systems Administrator
Digicon Communications, Inc.
http://www.digiconcommunications.com
cgauch at digicon.net
More information about the MIMEDefang
mailing list