spam

s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana


Post by s.dot »

How can I tell if someone is using my 'contact us' form to send out spam?

I just got this in my email:

Code:

Comment From Contact Form

Name: figush
Email: figush@lui.net
Username: figush
Nature: Unknown

Comments: figus, nashi gziyt grilled spam
grilled spam online
buy grilled spam
order grilled spam
order grilled spam online
generic grilled spam
cheap grilled spam
buy grilled spam online
grilled spam pill
discount grilled spam
grilled spam sale
grilled spam price
grilled spam prescription
free grilled spam
purchase grilled spam
purchase grilled spam online
grilled spam side effects
grilled spam shop
grilled spam sale online
mail order grilled spam
grilled spam information
cheap grilled spam online
cheap generic grilled spam
buy generic grilled spam
grilled spam dosage
grilled spam info
grilled spam story
effects of grilled spam
get grilled spam
grilled spam prescription online
grilled spam cost
grilled spam use
buy grilled spam now
grilled spam best buy
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

If they can't affect the headers that'll be used, there's little to no ability for spam to be sent (other than to whatever destination you're sending the email to).

Read through ninja space goat's email thread in Security for more details on various bits.
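
The header point above, as an added example that is not part of the original thread: a contact-form handler that keeps recipient, From and Subject fixed and rejects any visitor-supplied value that could end a header line. The helper names `is_header_safe()` and `build_contact_mail()` and the example.com addresses are hypothetical.

```php
<?php
// Added example: helper names and addresses are hypothetical.

/** A value may go into a header line only if it cannot end that line. */
function is_header_safe(string $value): bool
{
    return preg_match('/[\r\n\0]/', $value) === 0;
}

/** Returns mail() arguments, or null when the submission must be rejected. */
function build_contact_mail(array $post, string $siteAddress): ?array
{
    $name     = trim((string) ($post['name'] ?? ''));
    $email    = trim((string) ($post['email'] ?? ''));
    $comments = (string) ($post['comments'] ?? '');

    if (!is_header_safe($name) || !is_header_safe($email)) {
        return null;
    }
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    // To, From and Subject are constants chosen by the site. The visitor's
    // address appears only in Reply-To; name and comments stay in the body.
    $headers = "From: $siteAddress\r\nReply-To: $email\r\n"
             . "Content-Type: text/plain; charset=UTF-8";
    $body = "Name: $name\nEmail: $email\n\nComments: $comments\n";
    return [$siteAddress, 'Comment From Contact Form', $body, $headers];
}

// Constructed submissions: the second tries to append a header via CRLF.
$samples = [
    ['name' => 'figush', 'email' => 'visitor@example.com', 'comments' => 'hello'],
    ['name' => 'figush', 'email' => "visitor@example.com\r\nBcc: other@example.net",
     'comments' => 'hello'],
];
foreach ($samples as $post) {
    $args = build_contact_mail($post, 'owner@example.com');
    echo $args === null ? "rejected\n" : "accepted\n";
    // In the real handler: if ($args !== null) { mail(...$args); }
}
```

With this shape, a spam submission can only ever reach the site owner's own inbox, which is the situation described in the post above.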
Burrito
Spockulator
Posts: 4715
Joined: Wed Feb 04, 2004 8:15 pm
Location: Eden, Utah

Post by Burrito »

the 'grilled spam' should be a tip-off :D

j/k...in all seriousness, does it send mail to whomever entered their contact information along with sending mail to you?

if not, then you shouldn't have anything to worry about....other than all the crap you're going to get.

my suggestion would be to use some form of CAPTCHA to alleviate that nonsense.
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

Okie doke :)

WordPress used to come with a spam-filter plugin, but the newer releases don't seem to have it. A google might help.

I can think of a hack-around way that would technically be very powerful.

1. Install SpamAssassin on the server.
2. Build the email, with headers and everything ready to send the mail.
3. Pass it via SpamAssassin using the exec() functions or similar.
4. Check the result and decide what to do.

Note: SpamAssassin comes with both a Perl script and an optional daemon written in C.
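
A sketch of steps 2 to 4 above, added here and not code from the thread: the finished message is piped to `spamc -c`, the client for the SpamAssassin daemon, which prints `score/threshold` and exits with status 1 when the message is spam. The function names are hypothetical, and the code assumes a Unix host with spamd running and `spamc` on the PATH.

```php
<?php
// Added example: function names are hypothetical; assumes spamd is running
// and spamc is on PATH (Unix host).

/** Interpret `spamc -c` output ("score/threshold") and exit status (1 = spam). */
function parse_spamc_check(string $out, int $exit): array
{
    $out = trim($out);
    // spamc prints 0/0 when it could not reach spamd or process the message.
    if ($out === '0/0' || !preg_match('#^(-?[\d.]+)/(-?[\d.]+)$#', $out, $m)) {
        return ['scanned' => false, 'spam' => false, 'score' => null];
    }
    return ['scanned' => true, 'spam' => $exit === 1, 'score' => (float) $m[1]];
}

/** Step 3: pipe the complete message (headers + body) to spamc without a shell. */
function spam_check(string $rawMessage, string $spamc = 'spamc'): array
{
    $spec = [0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['file', '/dev/null', 'w']];
    $proc = @proc_open([$spamc, '-c'], $spec, $pipes); // array form: PHP 7.4+
    if (!is_resource($proc)) {
        return parse_spamc_check('', -1);
    }
    fwrite($pipes[0], $rawMessage);
    fclose($pipes[0]);
    $out = stream_get_contents($pipes[1]);
    fclose($pipes[1]);
    return parse_spamc_check((string) $out, proc_close($proc));
}

/** Step 4: decide what to do; a scanner failure is not treated as "clean". */
function decide(array $verdict): string
{
    if (!$verdict['scanned']) {
        return 'hold-for-review';
    }
    return $verdict['spam'] ? 'discard' : 'send';
}

// Step 2: constructed sample message, built exactly as it would be sent.
$raw = "From: www@example.com\r\nTo: owner@example.com\r\n"
     . "Reply-To: visitor@example.com\r\nSubject: Comment From Contact Form\r\n\r\n"
     . "Name: figush\nComments: buy cheap pills online\n";

echo decide(parse_spamc_check("15.3/5.0\n", 1)), "\n"; // constructed spamc output
echo decide(parse_spamc_check("0/0\n", 0)), "\n";      // constructed error output
echo decide(spam_check($raw)), "\n";                   // live check, needs spamd
```

Passing the command as an array to `proc_open()` keeps form data out of any shell command line, since the message only ever travels over stdin.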