Re: email injection query

Posted by Tom on 12/04/06 19:52

> Is he stupid and just sitting
> there trying to spam my feedback form even though he is getting this message
> telling him to go away, or do you think there is some sort of automatic
> process being run on my webpage?

Almost assuredly the latter. I had a test page I had put up once with
a form on it. All the form did was email me the textarea contents.
When I had finished my testing with the form, I commented out (but did
not delete) the form. Every once in a while I still get a spam message
from the form.

I don't know for sure, but I would guess that anybody making any money
doing this is doing it with bots.

Maybe you could create an RSS feed from the spams you get? I'd be
curious to see other responses.

Tom

On Dec 4, 11:07 am, "mantrid" <ian.dan...@virgin.net> wrote:
> Up to the other day I have not bothered protecting my php script on my
> feedback form against email injection. However, I have had a spammer using
> it to insert email addresses as cc: bc: into my email field. First I was
> puzzled why he was doing it as the message being sent was just gibberish. I
> have recently used a function to protect these fields and send an email back
> to myself with his details. Function below:
>
> function spamcheck($spammed_field, $returnpage) {
>     $spammed_field = strtolower($spammed_field);
>     // eregi() was removed in PHP 7; stripos() is the equivalent case-insensitive substring test.
>     if (stripos($spammed_field, "cc:") !== false || stripos($spammed_field, "subject:") !== false) {
>         //(eregi("bcc:",$spammed_field))||
>         // Request details for the alert email. These $_SERVER keys may be absent, so default to ''.
>         $spamhost = $_SERVER['REMOTE_HOST'] ?? '';
>         $spamrefr = $_SERVER['HTTP_REFERER'] ?? '';
>         $spamaddr = $_SERVER['HTTP_X_FORWARDED_FOR'] ?? '';
>         if (strlen($spamaddr) < 7) { $spamaddr = $_SERVER['HTTP_CLIENT_IP'] ?? ''; }
>         if (strlen($spamaddr) < 7) { $spamaddr = $_SERVER['REMOTE_ADDR'] ?? ''; }
>         $thisfile = $_SERVER['SCRIPT_NAME'];
>         $spamtext = "FILE: $thisfile \nFROM: $spamrefr \nADDR: $spamaddr \nHOST: $spamhost \nINFO:\n$spammed_field\n";
>         // Send the alert to the site owner.
>         mail("spamch...@mysite.co.uk", "ALERT: $spamaddr", $spamtext,
>             "From: IDD Software Spamcatcher <spamch...@mysite.co.uk>\r\n");
>         //echo();
>         // Stop processing and show the rejection message with a link back to the form.
>         die("<br><br><div align='center' class='RedWarning'>If you are a spammer "
>             . "trying to inject script into my input fields, then go away and get a "
>             . "life<br>otherwise<br>Please try again as you may have included some "
>             . "incorrect characters.<br><br><a href='" . $returnpage . "' "
>             . "class='BodyLink'>Return</a></div>");
>     }
> }
>
> This function should cause the attempt to spam to die and send info about
> the spammer and the injected script to me, which it does brilliantly. But now
> I'm getting more of these notices of spamming than I was getting originally
> spammed messages with many more emails in the cc: bcc: and a proper message
> (just sales stuff about tea oil). Why is he still attempting this if the
> spam is not working and being sent to the recipients? I have an appropriate
> message displayed when the spam is attempted. Is he stupid and just sitting
> there trying to spam my feedback form even though he is getting this message
> telling him to go away, or do you think there is some sort of automatic
> process being run on my webpage?
>
> Is there a way to return an email to him every time it's attempted?
> The function returns his address, e.g. ADDR: 203.198.162.124, but it changes
> every time. I don't know much about the antics and abilities of spammers (but
> learning). Can anyone tell me why he's still doing it?
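
An added example, not part of the original thread or either poster's code: a check that rejects CR/LF in any field bound for a mail header (the characters that let extra Cc:/Bcc: lines be appended) instead of matching keywords, so a message body that merely mentions "cc:" is still accepted. The function names, field names and sample submissions are hypothetical and constructed for illustration.

```php
<?php
// Added example; function and field names are hypothetical.

// A value placed in a mail header must not contain CR or LF:
// a line break is what allows an extra header line to be appended.
function header_field_is_safe(string $value): bool
{
    return preg_match('/[\r\n]/', $value) === 0;
}

// Validate a feedback submission.
// Returns the names of rejected fields (an empty array means accepted).
function check_feedback(array $fields): array
{
    $rejected = [];
    // Only fields that end up in headers are checked for line breaks;
    // the message body is free text and may contain newlines or "cc:".
    foreach (['name', 'email', 'subject'] as $key) {
        if (!header_field_is_safe($fields[$key] ?? '')) {
            $rejected[] = $key;
        }
    }
    // The sender address must also be one syntactically valid address.
    if (!in_array('email', $rejected, true)
        && filter_var($fields['email'] ?? '', FILTER_VALIDATE_EMAIL) === false) {
        $rejected[] = 'email';
    }
    return $rejected;
}

// Constructed sample submissions.
$samples = [
    'normal'   => ['name' => 'Ann', 'email' => 'ann@example.com',
                   'subject' => 'Hello',
                   'message' => "Please cc: my colleague.\nThanks"],
    'injected' => ['name' => 'x',
                   'email' => "x@example.com\r\nBcc: a@example.org",
                   'subject' => 'Hi', 'message' => 'tea oil'],
];

foreach ($samples as $label => $fields) {
    $bad = check_feedback($fields);
    echo $label, ': ',
        $bad ? 'rejected (' . implode(', ', $bad) . ')' : 'accepted', "\n";
}
```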

 
