|
|
Posted by Jerry Stuckle on 04/29/06 17:52
Martin Jay wrote:
> In message <o86dnYXPebLANc_ZnZ2dnUVZ_s-dnZ2d@comcast.com>, Jerry Stuckle
> <jstucklex@attglobal.net> writes
>
>> Martin Jay wrote:
>>
>>> I (think) I understand the principle, but I cannot replicate it.
>>> The 'hack' seems to rely on email being routed by the 'to,' 'cc,'
>>> and 'bcc' fields in its header, which is isn't. Well, not until it
>>> reaches its destination, maybe.
>
>
>>> I emailed Paul an example script earlier. I've also uploaded it to:
>>> <http://www.spam-free.org.uk/pages/email_test.php>.
>
>
>>> I would be interested to see how the spamming technique you mention
>>> can be used with it. I have changed the form method from POST to
>>> GET to make it easier to 'hack.'
>
>
>> Either way. I just make a local copy of your form, edit it to add the
>> headers I want, and post it back to you. For instance, I place in the
>> subject field:
>>
>> This is spam
>> bcc: someone@example.com
>>
>> And off it goes. The more fields I add, the more I'm sending.
>>
>> Not hard at all.
>
>
> Hmmm...
>
> I've replaced the page I mentioned earlier with one that allows you to
> download a copy of the form script.
>
> Put it on your local server and try your theory out.
>
> I cannot replicate the problem you highlighted. :(
Martin,
Sorry, I have too many other things to do than to download scripts and test them
on my server. I gave you the references and some suggestions. I really don't
wish to spend the time "proving to you I'm right".
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
Navigation:
[Reply to this message]
|