I have a simple form asking for name, e-mail and comment on page one. Page two sends the form via e-mail to me and thanks the person for filling in the form. But I've started getting this in my inbox. I think I'm being used here - any ideas? ("Their e-mail address is:" is hard coded.)
Their e-mail address is: an
Content-Type: text/plain; charset=\"us-ascii\"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: take half
bcc: onemoreaddr...@hotpop.com
Usually I would get: Their e-mail address is: soan...@soanso.com
$message = "First Name:$fname\n\nLast Name:$lname \n\nPhone:$phone\n\nTheir e-mail address is: $email\n\n comment::\n\n$comment";
// $email is the raw form field; it is placed straight into the extra-headers argument of mail()
if (mail($to, "E-mail from MySite", $message, "From:$email\n")) {
    echo "Thank you $fname. Your Information has been inserted into my contact database and forwarded to my E-Mail address. I'll get back to you shortly.";
}
> But I've started getting this in my inbox? I think I'm being used here
> - any ideas."Their e-mail address is:" is hard coded
> here is the e-mail code:
...
> $email=$_POST['email'];
...
> if(mail($to,"E-mail from MySite",$message,"From:$email\n")){
Take it down; it is being abused - or is about to be abused - by spammers.
The last argument to mail() is a list of extra headers, and because of the way your script is structured, a custom form or script can submit extra Bcc: email addresses tagged on to the 'email' form field.
At the very least get rid of any newlines inserted in the 'email' field:
>> $email=$_POST['email'];
> ...
>> if(mail($to,"E-mail from MySite",$message,"From:$email\n")){
> Take it down, it is being abused - or is about to be abused - by
> spammers.
> The last argument to mail() is a list of extra headers and because of
> the way your script is structured a custom form or script can submit
> extra Bcc: email addresses tagged on to the 'email' form field.
Can you expand on how this works and how to prevent spammers from using this? I'm not sure I understand. Thanks!
> > Take it down, it is being abused - or is about to be abused - by
> > spammers.
> > The last argument to mail() is a list of extra headers and because of
> > the way your script is structured a custom form or script can submit
> > extra Bcc: email addresses tagged on to the 'email' form field.
> Can you expand on how this works and how to prevent spammers from using
> this? I'm not sure I understand. Thanks!
$message = "First Name:$fname\n\nLast Name:$lname \n\nPhone:$phone\n\nTheir e-mail address is: $email\n\n comment::\n\n$comment";
if (mail($to, "E-mail from MySite", $message, "From:$email\n")) {
    echo "Thank you $fname. Your Information has been inserted into my contact database and forwarded to my E-Mail address. I'll get back to you shortly.";
}
for
Content-Type: text/plain; charset=\"us-ascii\"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: could not so easily have torn himself away. need hardly
bcc: onemoreaddr...@hotpop.com
> So I tried this ..
...
> $email=$_POST['email'];
...
> $email = preg_replace( '/[\r\n]/', '', $email );
> $comment=$_POST['comment'];
...
> and today got this:
> First Name:nachrally8...@xxx.com
> Last Name:nachrally8...@xxx.com
> Phone:nachrally8...@xxx.com
> Their e-mail address is: nachrally8...@xxx.com
> comment::
> for
> Content-Type: text/plain; charset=\"us-ascii\"
> MIME-Version: 1.0
> Content-Transfer-Encoding: 7bit
> Subject: could not so easily have torn himself away. need hardly
> bcc: onemoreaddr...@hotpop.com
> So I took it down again .. please help.
The spammer doesn't know that your form is no longer abusable, and his/her script is still running somewhere - but it is now doing no harm apart from being annoying.
The body of your email shows the headers the spammer is attempting to add to the email, but is failing to do so.
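The mechanism described in this reply and in the earlier one (line breaks in the 'email' field becoming extra header lines inside mail()'s extra-headers argument), shown in Python as an added example that is not code from the thread: build_headers() mimics how the PHP script pastes the field into the headers, header_names() shows a Bcc: header appearing when the field carries CR/LF, strip_newlines() is the preg_replace fix quoted above, and is_safe_email() is the stricter reject-instead-of-repair check. The addresses and the owner's To: line are constructed placeholders.

```python
import re
from email.parser import HeaderParser

# Constructed sample of a poisoned 'email' field, shaped like the Bcc:
# lines seen in the thread (addresses are placeholders, not real ones).
INJECTED_EMAIL = (
    "an@example.invalid\r\n"
    "Content-Type: text/plain; charset=\"us-ascii\"\r\n"
    "MIME-Version: 1.0\r\n"
    "Subject: take half\r\n"
    "bcc: onemoreaddr@example.invalid"
)
CLEAN_EMAIL = "soandso@example.invalid"


def build_headers(email_field):
    """Mimic mail($to, $subject, $body, "From:$email\n"): the field is pasted
    verbatim into the extra-headers argument, so every line break inside it
    starts a new header line when the message is handed to the MTA."""
    return ("To: owner@example.invalid\r\n"
            "Subject: E-mail from MySite\r\n"
            "From:" + email_field + "\r\n")


def header_names(raw_headers):
    """Parse the header block the way a mail agent would and return the
    lower-cased names of the headers that are actually present."""
    msg = HeaderParser().parsestr(raw_headers + "\r\n")
    return [name.lower() for name in msg.keys()]


def strip_newlines(value):
    """The thread's first fix, preg_replace('/[\\r\\n]/', '', $email):
    no line break survives, so no extra header can be created. The leftover
    text still ends up in the From: value, which is why rejecting is cleaner."""
    return re.sub(r"[\r\n]", "", value)


def is_safe_email(value):
    """Stricter fix: refuse the submission instead of repairing it. Any CR/LF
    means the value was never a single address, and what remains must look
    like one address with no whitespace or angle brackets."""
    if "\r" in value or "\n" in value:
        return False
    return re.fullmatch(r"[^\s@<>]+@[^\s@<>]+\.[^\s@<>]+", value) is not None
```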
First I took the script that juglesh posted (sorry about my bad English, please), but in the last few weeks I have had to delete lots of posts in my guestbook every day. Therefore I looked for an alternative to the replace, and I found this:
if (preg_match('/bcc\:|Content\-Type\:|cc\:|to\:|MIME\-Version\:/i', $email)) {
    die("BAD INPUT, NAUGHTY HACKER");
} else {
    ....
}
Now the time spent deleting the posts every day is gone, and I do the same in my mail form, and I hope it is enough to stop the mails the hacker has sent through my form.
Perhaps my little function is good enough to help other people with the same problems.