[Mimedefang] Lessons learned...
Ben Kamen
bkamen at benjammin.net
Mon May 21 15:25:02 EDT 2007
Kelson wrote:
> Ben Kamen wrote:
>> Turns out, a web script I wrote OH so long ago was being utilized for
>> sending spam.
>
> I had a similar experience a couple of years ago. Fortunately we caught
> it while they were still just sending probes. In our case it was a
> header injection attack. So I went through and audited all our email
> scripts to see how well they validated input.
Yep - that's basically what I did. Validate the input better.
>> So it's fixed. The spammer thinks he's still sending spam, but actually,
>> I'm logging all the places he's trying to SPAM along with the message
>> content.
>>
>> Hmmm... pipe it into SPAM? It's a full email file! hahaha..
>
> Sneaky!
;)
I think they figured it out though since the POSTs to the cgi file have stopped
as of yesterday.
Awwww...
-Ben
--
Ben Kamen - O.D.T., S.P.
=============================================================================
Email: bkamen AT benjammin DOT net Web: http://www.benjammin.net
As seen somewhere on the net: My other computer is your Windows Server.