"sending spam"

Raiden32992

Intergalactic Cowboy

Offline

Posts: 52

"sending spam"

« on: February 28, 2008, 05:49:41 PM »

I have a simple "submit" form, where anything entered will be sent to my email. I receive about 3 spam emails a day. I don't mind the spam, but should this be fixed, or removed?

I know php is exploitable, but im pretty sure, with my traffic its not gonna get exploited. Not to mention, the page name doesn't contain the keywords "contact" or "feedback" like many bots/hackers search for.

So my questions are;

1) Am I the only one getting spam from it, or is it doing something to send spam from "my" account(like someone sending a email from a forum, except a bot doing it)

2) If it WAS exploited, whats the worse that can happen? I don't want my account hacked, but I certainly don't want to cause any trouble/harm to others/the server.

Thanks for any help Very Happy


	Logged

Troy Laclaire

Support
Intergalactic Superstar

Offline

Posts: 156

Darkwolf

Re: "sending spam"

« Reply #1 on: February 28, 2008, 09:48:38 PM »

There are software "bots" that travel the internet looking for input fields to try and exploit, then when they find these fields, they input data into them to attempt to send spam, and in some cases may be able to exploit your script to send spam to others, this would generally depend on the way your form is scripted however.

Email script forms are the most commonly exploited.

If it was easily exploited, and then used for sending spam to others, this can cause issues with other email servers if they start blocking the server for being a spam source.

If your script is exploitable, you will want to lock it down. Generally something as simple as a captcha image, or even a single field that needs to be changed before the script will submit will work to decrease exploitability from bots (of course does stop humans from doing it).


	Logged

Lunarpages Web Hosting

Lunarpages Forums

Lunarpages Affiliate Program

Christoph2k

Newbie

Offline

Posts: 1

Re: "sending spam"

« Reply #2 on: February 29, 2008, 02:57:23 AM »

Spam Bots will usually work by filling in every field they see in the form and then submitting it.

A good and simple way to fool them is to put a text box in a hidden div, somewhere in the form. The spam bot will fill this field out, assuming its just a normal field. Though because you've hidden the text box, no user/customer will see it and won't fill it out.

You can then check whether there is any text in that field, and if there is, don't accept it.

Chris


	Logged

Raiden32992

Intergalactic Cowboy

Offline

Posts: 52

Re: "sending spam"

« Reply #3 on: February 29, 2008, 07:04:09 AM »

I went ahead and removed it Smile

Seemed like it wasn't worth it, if someone did exploit it to send spam to others


	Logged

Rick_E

Master Jedi

Offline

Posts: 1071

Re: "sending spam"

« Reply #4 on: March 05, 2008, 09:37:38 PM »

The form spam bots are sometimes stopped if you add a simple authorization field to the form into which the user must type something of your choice. There are fancy random generators for this but I have found that I can just require them to type something like "2008" and it stops the automated bots.


	Logged

All the best, Rick E

FrontPage has been discontinued.
If you plan to stay with FrontPage, consider upgrading to FrontPage 2003 now.

Search the Microsoft KB for error messages:
http://support.microsoft.com/search/default.aspx?catalog=LCID%3D1033&spid=919&adv=1

Microsoft groups have additional FrontPage assistance:
http://www.microsoft.com/communities

scanman20

Master Jedi

Offline

Posts: 1199

Re: "sending spam"

« Reply #5 on: March 11, 2008, 04:40:24 PM »

http://www.notonebit.com/projects/killbot/


	Logged

Even a broken clock is right twice a day.
NotOneBit.com
MCSE - MCSA - MCP

Pages: [1] Go Up

« previous next »

	Welcome, Guest. Please login or register. Did you miss your activation email?	July 25, 2008, 07:47:42 PM
		Login with username, password and session length