|
|
Posted by John Hosking on 05/22/07 22:33
dorayme wrote:
> In article
> <emJ4i.31784$p47.20713@bgtnsc04-news.ops.worldnet.att.net>,
> "Beauregard T. Shagnasty" <a.nony.mous@example.invalid> wrote:
>
>> dorayme wrote:
>>
>>> In article <46526ef0$0$7128$4d3efbfe@news.sover.net>,
>>> Leif K-Brooks <eurleif@ecritters.biz> wrote:
>>>
>>>> Adrienne Boswell wrote:
>>>>> Usually, when I make contact forms, I include an option to cc the sender.
>>>> Spammers must love you.
>>> Care to elaborate?
>> An unscrupulous person can fill in the form using a victim's address and
>> have that "cc:" go to the victim. I'd also envision that the spammer
>> would make a local copy of the form, and blast it at the "action" script
>> with continuous submissions.
>
> Trying to get my head around these points. A spammer who already
> knows the email address of people can do all manner of things,
> what is so attractive to a spammer of a form that has a CC input?
> That he gets also to send info to the form's owner?
No. The advantage is that the spammer can use the site owner's SMTP
server to send all the spam for him/her/it. It (the spammer) doesn't
need to obfuscate the source or routing of its spam messages, since
they're all coming from the poor sap who put up the Web site with the
sieve-like contact form. The recipients can't possibly determine the
spammer's identity or location.
--
John
Navigation:
[Reply to this message]
|