[Mimedefang] OT: Email web form exploits

Jan Pieter Cornet johnpc at xs4all.nl
Thu Sep 8 17:57:33 EDT 2005

On Wed, Sep 07, 2005 at 09:58:35AM -0400, WBrown at e1b.org wrote:
> > Our largest issue with these web form mail exploits is not really
> > spam-related (in terms of scripts causing our web servers to become spam
> > relays); our clients are receiving these fake forms (obviously generated by
> Can the script be coded to look for bcc: in a field that shouldn't have it 

The best protection is to look for embedded CR or LF characters in
a field that should not contain such characters, like the Subject,
To, From or any other field that would end up in a header. If there
are any, just reject with an error.

You might want to ignore newlines just before the end of string to work
around some buggy browsers.
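One way to apply this rule in a form-to-mail handler, as an added Python example that is not part of the original post; the field names and the sample submissions are assumptions, constructed here for illustration:

```python
import re

# Form fields that the mailer script copies into message headers.  Any CR or
# LF inside them lets the submitter append extra header lines (such as Bcc:)
# to the outgoing mail.  The field names are assumptions.
HEADER_FIELDS = ("from_addr", "to_addr", "subject")

# Newlines right at the end of a value are tolerated (some browsers append
# one); they are stripped rather than treated as an injection attempt.
_TRAILING_NEWLINES = re.compile(r"[\r\n]+\Z")


def has_embedded_newline(value: str) -> bool:
    """True if the value contains CR or LF anywhere but at its very end."""
    body = _TRAILING_NEWLINES.sub("", value)
    return "\r" in body or "\n" in body


def validate_header_fields(form: dict) -> dict:
    """Return the header fields with trailing newlines removed, or raise ValueError."""
    clean = {}
    for name in HEADER_FIELDS:
        value = form.get(name, "")
        if has_embedded_newline(value):
            # Reject outright: do not try to clean the value up and send anyway.
            raise ValueError(f"line break in header field {name!r}")
        clean[name] = _TRAILING_NEWLINES.sub("", value)
    return clean


# Constructed sample submissions: one normal (with a browser-added trailing
# newline) and one carrying an extra Bcc: header line inside the subject.
SAMPLE_FORMS = {
    "normal": {"from_addr": "alice@example.com", "to_addr": "sales@example.com",
               "subject": "Price list\r\n", "body": "Hello"},
    "injected": {"from_addr": "alice@example.com", "to_addr": "sales@example.com",
                 "subject": "Price list\r\nBcc: list@example.com", "body": "Hello"},
}


def check_samples() -> dict:
    """Map each sample name to 'accepted' or 'rejected'."""
    results = {}
    for name, form in SAMPLE_FORMS.items():
        try:
            validate_header_fields(form)
            results[name] = "accepted"
        except ValueError:
            results[name] = "rejected"
    return results
```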

#!perl -wpl # mmfppfmpmmpp mmpffm <pmmppfmfpppppfmmmf at fpffmm4mmmpmfpmf.ppppmf>
$_[2]}->(map{/p|f/i+/f/i}split//,$&)+97):qw(m p f)[map{((ord$&)%32-1)/$_%3}(9,
3,1)]),5,1)='`'lt$&;$f.eig;                                # Jan-Pieter Cornet
