Beefy Boxes and Bandwidth Generously Provided by pair Networks
Think about Loose Coupling
 
PerlMonks  

Re: Some Loser is trying to spam MY script!?! What do I do?

by ruzam (Curate)
on May 01, 2006 at 19:01 UTC ( #546727=note: print w/replies, xml ) Need Help??


in reply to Some Loser is trying to spam MY script!?! What do I do?

The spammer believes you're using the comment form to send an email to somebody who cares (like a website administrator). They've inserted an extra \n into the subject, followed by their own mail message. Many (all?) mailers interpret the extra \n as the end of the first message and the start of a second message. So the spammer is attempting to use your comment form to send his own spam to the rest of the world. Since you're sending the comments to a file and not resending a mail message, the spammer is wasting is time (and your disk space).

A good rule of thumb for anything email header related is to strip and ignore everthing after (and including) the first \n.

You should probably be more descriminating with your acceptance of form variables. Blindly using everything in CGI->vars is likely going to bite you in the end.
  • Comment on Re: Some Loser is trying to spam MY script!?! What do I do?

Replies are listed 'Best First'.
Re^2: Some Loser is trying to spam MY script!?! What do I do?
by fraktalisman (Hermit) on May 08, 2006 at 17:23 UTC

    Another common variation used by spammers is to put the extra newline in a header field like Subject or From, and start the next line with the additional CC and BCC fields. Many feedback forms don't check every input line for extra newlines because the HTML Form is supposed to send only single line values there. The header fields are vulnerable too.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://546727]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others making s'mores by the fire in the courtyard of the Monastery: (6)
As of 2019-04-18 10:32 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    I am most likely to install a new module from CPAN if:
















    Results (103 votes). Check out past polls.

    Notices?
    • (Sep 10, 2018 at 22:53 UTC) Welcome new users!