Kryptronic Software Support Forum

You are viewing this forum as a guest. Login to an existing account, or create a new account, to reply to topics and to create new topics.

#1 03-18-2005 20:16:06

Blitzen
Member
From: USA
Registered: 01-01-2005
Posts: 929
Website

Contact Us Email Form Hacked By Spammer


Our Contact Us email form apparently was hacked by a spammer.  We are on a LINUX OS using sendmail, not SMTP.

How do we secure the Click Cart Pro email form program from doing this?

Here is one example of the copied email that I received (I use Outlook, so these fields are what Outlook calls them).
---------------------------------

From: asha@143.111.251.21 To: myrtice@excitableboy.blogspot.com BCC: brightballoon2@aol.com Content-Type: multipart/mixed


From: asha@143.111.251.21 To: myrtice@excitableboy.blogspot.com BCC: brightballoon2@aol.com Content-Type: multipart/mixed



The following information was just submitted via the GoldenArtPrints.com Contact Form.

First Name:        lhvgabqfhm
Last Name:         nxdwvfnhqh
Email Address:      From: asha@143.111.251.21 To: myrtice@excitableboy.blogspot.com BCC: brightballoon2@aol.com Content-Type: multipart/mixed; boundary=bwkereu X-GUID: c85b4077-63a3-82bd-2a8e-de8c8994f9ca   --bwkereu Content-Type: text/html Content-Transfer-Encoding: base64  Pzw/eG1sIHZlcnNpb249IjEuMCIgZW5jb2Rpbmc9InV0Zi04Ij8+PE1haWxGb3JtIHhtbG5zOnhzZD0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIElEPSJjODViNDA3Ny02M2EzLTgyYmQtMmE4ZS1kZThjODk5NGY5Y2EiIFRlc3RGYWlsZWQ9IjAiPjxCb2R5PnVzcj01MFg3Mzc1NDEmYW1wO3JuZD02Mzg4OTgyJmFtcDtycmM9TiZhbXA7cGc9c3RlX21haWxfY29udGFjdF9wcm9jJmFtcDt0cmFja2luZ19maXJzdG5hbWU9bGh2Z2FicWZobSZhbXA7dHJhY2tpbmdfbGFzdG5hbWU9bnhkd3ZmbmhxaCZhbXA7dHJhY2tpbmdfZW1haWw9Yzg1YjQwNzctNjNhMy04MmJkLTJhOGUtZGU4Yzg5OTRmOWNhJmFtcDt0cmFja2luZ19waG9uZT0zMzUxOCZhbXA7bWVzc2FnZT1reWp1bW1jcGl3PC9Cb2R5PjxGb3JtVXJsPmh0dHA6Ly93d3cuR29sZGVuQXJ0UHJpbnRzLmNvbS9jZ2ktYmluL2NwLWFwcC5jZ2k8L0Zvcm1Vcmw+PFJlZmVyZXJVc!
mw+aHR0cDovL3d3dy5nb2xkZW5hcnRwcmludHMuY29tL2NnaS1iaW4vY3AtYXBwLmNnaT91c3I9NTBYNzM3NTQxJmFtcDtybmQ9MjE5Nzc3NSZhbXA7cnJjPU4mYW1wO2NpcD02OS45My4xMDguMjAyJmFtcDtwZz1jb250YWN0PC9SZWZlcmVyVXJsPjxTZW50PjA8L1NlbnQ+PC9NYWlsRm9ybT4=  --bwkereu--   . 
Telephone Number:  33518

kyjummcpiw


W e b s i t e  E n g i n e e r i n g,   D e s i g n   &   M a n a g e m e n t
Knowledgeable, Experienced, Effective, Available ~ Reasonable prices
wwwBoulderWebsiteEngineering.com

Fast Servers & Reliable Hosting! Reasonable prices.
wwwEZP.net

And, Free Tibet!

Offline

 

#2 03-23-2005 09:24:58

webmaster
Administrator
From: York, PA
Registered: 04-20-2001
Posts: 19124
Website

Re: Contact Us Email Form Hacked By Spammer

The basic answer is that you can't stop someone from submitting a contact form.  The good news is that it only comes to you.  There's no way to hijack the form to send to other people.


Nick Hendler

Offline

 

Board footer