Reply to Re: mail to or form?

Your name:

Reply:


Posted by Beauregard T. Shagnasty on 05/22/07 22:23

dorayme wrote:

> "Beauregard T. Shagnasty" <a.nony.mous@example.invalid> wrote:
>> dorayme wrote:
>>> Leif K-Brooks <eurleif@ecritters.biz> wrote:
>>>> Adrienne Boswell wrote:
>>>>> Usually, when I make contact forms, I include an option to cc the
>>>>> sender.
>>>>
>>>> Spammers must love you.
>>>
>>> Care to elaborate?
>>
>> An unscrupulous person can fill in the form using a victim's address
>> and have that "cc:" go to the victim. I'd also envision that the
>> spammer would make a local copy of the form, and blast it at the
>> "action" script with continuous submissions.
>
> Trying to get my head around these points. A spammer who already
> knows the email address of people can do all manner of things, what
> is so attractive to a spammer of a form that has a CC input?

Spammers never send from their own accounts. They use botnets of
clueless Windows users; they use open relays on mail servers; and they
use insecure web forms, where they inject bcc: lists. They forcefeed to
get maximum output in the shortest amount of time, before the
compromised source is shut down.

In this case, there is already a cc: field so they can annoy anyone even
if the form itself is secure.

> That he gets also to send info to the form's owner?

He doesn't care about that. Adrienne probably would, as soon as her
Inbox filled up. :-0

> Perhaps the penny will drop for me, but it is still early here.

<tink!>

> I have learnt something from this thread: that it is likely many
> people don't like a mere contact form without a proper email address
> as an alternative means of communication. And that there is some
> downside (which I don't fathom completely) to putting in a CC field.

The downside is spammers can use it. The upside is .. well, the poster
gets a copy of hir submission to the web form, for the records.
Personally, I don't think it is necessary, so long as the web site owner
responds in a timely fashion.

--
-bts
-Motorcycles defy gravity; cars just suck

[Back to original message]
Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация