Following instructions to the letter and it worked perfectly first time. Now the recipient is being spammed similar to the snip below. Anyone have a thought?

City: Minolche de fehhan jida

Links removed

I'm getting spammed with those type codes, too.

However, rest assured that the only problem is ... that it's a nuisance.

The spammer/bot is trying to find vulnerable scripts to inject code into websites. The NMS FormMail script prevents this from happening (the script is secure from hacking, spam relays, spam harvesting, injection exploits, etc.), but unfortunately, you do receive the irritating emails submitted to the form.

doran -

Your form can't be used as a spam relay due to the NMS FormMail code prevents that, but if you don't want to receive the irritating spam emails sent to you, then you should go to a CAPTCHA method (which would normally be coded in php), however please make sure that if a malicious person "manually" fills out your form, that your code is safe from email injection exploitation, etc. (read the very first post on this particular page and click on the link that I provided regarding email injection exploits).

Most of those email injection exploits aren't done manually, however, you never know, so you want to cover yourself just in case.

There's a big difference with ONLY YOU receiving the spam attacks, or your form being used as a spam relay to shoot spam to OTHERS.

Are others getting spammed with your form that you know of?

If they aren't then your form is not being used as a spam relay, because the NMS FormMail prevents that.

The "@allow_mail_to" config is one of the security measures the NMS FormMail script uses to hinder spammers/bots from doing email injection exploits.

The info found in the posts that I previously mentioned you to read, explains about how spammers use forms for email injection exploits quite well, and you'll probably understand better what I am trying to explain if you read through it all

I assure you, the NMS FormMail script is secure in NOT using your form as a spam relay and the only nuisance is that YOU (and/or the email addys of those in your .pl script to which you have assigned to receive the form submissions) will be receiving the submissions to which the spammers are trying to inject malicious code, BUT they will be unsuccessful because you are using a secure form script (the NMS FormMail) which will NOT allow that to happen (they CAN'T forward spam to OTHERS using your form as a relay).

I can't explain it or be any more explicit than that, so hopefully that'll give you peace-of-mind in that regard

If you (and those you assign to receive the form submission) don't want to receive the "attempts"/spam, however, then you need to hinder the bots from filling out the form period, which then you need to use a CAPTCHA method for your forms. The NMS FormMail doesn't currently have a validation system for bot-form-filling, that I know of, anyway.

Yes, I totally agree with you that you are being spammed to, and believe me, I know what you are going through because I am receiving the exact same type spam form submissions myself (as I mentioned in my 2nd post on this page ). Although, it's been slowing down in the last few days (didn't receive any today), so that's been great! 

Anyway, due to this post you made:


I just felt I had to respond to you to make sure you knew the distinction, because that snippet isn't really your situation. Being a spam relay would be waaaaaay worse and thank heavens our forms can't be used in that manner!

Anyway, hopefully someday, somebody will figure out a way to have a CAPTCHA with the NMS FormMail script 

Can someone set  up this formmail for me?  I am willing to pay someone, I have tried and tried and I just cant get it to work correctly.

I followed all the instructions, and just can't get it.  I am not that computer savy, and for sure not a programmer.

HELP PLEASE!

This is the site that I tried to do it if anyone wants to look at it.

http://www.aarpno.com/contact.html

I am using the other hosting company.com as a hosting company.  I had Matts script on my site and it worked fine, but they made me take it off.

 

Bernie

Go to this following post and see if any one of those is your problem:

http://www.lunarforums.com/index.php?topic=28881.msg225070#msg225070

It's probably the permissions on the .pl script needs to be reset to 755.