Page 1 of 1

spam

Posted: Wed May 24, 2006 4:46 pm
by s.dot
how can i tell if someone is using my 'contact us' form to send out spam?

I just got this in my email:

Code: Select all

Comment From Contact Form

Name: figush
Email: figush@lui.net
Username: figush
Nature: Unknown

Comments: figus, nashi gziyt <span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span>
<span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span> online
buy <span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span>
order <span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span>
order <span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span> online
generic <span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span>
cheap <span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span>
buy <span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span> online
<span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span> pill
discount <span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span>
<span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span> sale
<span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span> price
<span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span> prescription
free <span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span>
purchase <span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span>
purchase <span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span> online
<span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span> side effects
<span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span> shop
<span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span> sale online
mail order <span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span>
<span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span> information
cheap <span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span> online
cheap generic <span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span>
buy generic <span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span>
<span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span> dosage
<span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span> info
<span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span> story
effects of <span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span>
get <span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span>
<span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span> prescription online
<span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span> cost
<span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span> use
buy <span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span> now
<span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span> best buy

Posted: Wed May 24, 2006 4:50 pm
by feyd
if they can't affect the headers that'll be used, there's little to no ability for spam to be sent (other than to whatever destination you're sending the email to)

read through ninja space goat's email thread in Security for more details on various bits.

Posted: Wed May 24, 2006 4:50 pm
by Burrito
the '<span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span>' should be a tip-off :D

j/k...in all seriousness, does it send mail to whomever entered their contact information along with sending mail to you?

if not, then you shouldn't have anything to worry about....other than all the crap you're going to get.

my suggestion would be to use some form of capcha to alleviate that nonsense.

Posted: Wed May 24, 2006 4:51 pm
by Chris Corbyn
Okie doke :)

Wordpress used to come with a spam-filter plugin, but the newer releases dont seem to have it. A google might help.

I can think of a hack-around way that would technically be very powerful.

1. Install spamassassin on the server.
2. Build the email, with headers and everything ready to send the mail
3. Pass it via spamassassin using the exec() functions or similar
4. Check the result and decide what to do

Note: SpamAssassin comes with both a Perl script and an optional daemon written in C.