contact.php spam

**AndrewT** · 11-15-2005, 06:41 PM

Since I posted this 12 more accounts have been hit. This doesn't appear to be affecting a single script in particular. I've looked through the accounts and the script names and code differ quite a bit as well. Additionally, the HTTP traffic is not coming from a single IP or IP range at all.

If you are unsure, your safest bet would be to simply deactivate all PHP mail scripts on your domains for the time being at least.

**-Oz-** · 11-15-2005, 06:48 PM

discuss this further here: http://forums.dathorn.com/showthread.php?t=1987

**AndrewT** · 11-17-2005, 11:22 AM

Domains are still bieng suspended due to these improperly coded scripts. If you are running PHP contact forms of any kind they need to be fully secured with image verification and input checking for BCC and other headers.

**AndrewT** · 11-17-2005, 01:18 PM

Note that this is also an important problem if your forms send an automated response to the FROM address that is entered into the form. Spammers can then essentially enter the addresses that they want to spam into the FROM field and keep submitting the form.

**AndrewT** · 11-17-2005, 07:37 PM

Please see this thread as well: http://forums.dathorn.com/showthread.php?p=11376

contact.php spam

contact.php spam

Comment

Comment

Comment

Comment

Comment