Im getting emails with the following.. Seems a spammer is trying to use the admin contact for to SPAM via WSN Links. Is this an ability or is he blowing in the wind. All I need is for my website to be SUSPENED for open relay and spamming.
============= This form submission is from someone identifying theirself as ''. Send replies to this email address: dxbwxfhmv@automotive-register.com
This is the content of their message, titled 'dxbwxfhmv@automotive-register.com Content-Type: multipart/mixed; boundary="===============1204851307==" MIME-Version: 1.0 Subject: 9d3cc1ba To: dxbwxfhmv@automotive-register.com bcc: jrubin3546@aol.com From: dxbwxfhmv@automotive-register.com
The contact form is only capable of sending email to you, so he can spam you as much as he wants (as you can see) but is incapable of changing the recipient address. Looks like he's trying to take advantage of MIME if you happen to have set MIME on, but I don't see any way he could actually use a MIME message body to effectively specify a BCC, and at any rate what he's trying apparently isn't doing it since his MIME headers are being shown as text for you.
They're probably using a script to try every contact form in google.
I should add the security image to the contact form anyhow to stop it from spamming the webmaster.
By the way, I hope dxbwxfhmv isn't your actual email or various spam spiders will sign you up when they encounter this thread (unless you edit it out soon).
this might be an offtopic, but I hope its relevant.
I noticed there is a contatn form option in the switches - since I'm using my own templates I didn't see any changes when I turned it on. Is it a contact form to contact listing/link owners? I have a niche specific directory (real estate) and sometimes people trying request information through the comments which is not helpful - no back contact info provided. Is there a way to set up such contact form that people actually could communicate with the links owners? Security image would be required too.
Actually Gemini We are getting these Spams too same people. We are only getting them on our two real estate sites.
I know your site so I'm wondering if they are targetting themes.
The switch off disables the link from the main site but it doesn't disable the contact function. We got scared of being hacked & changed the location of the URL. We thought it was just an attack on our sites.
So even though you switched it off they still have access to the form from search engines.
Paul an image security would be great. I thought it was just us & wanted to try to handle it but I guess this would prevent future overall aggrevasion.
Comments on Contact form relaying ?
Member
Usergroup: Customer
Joined: Apr 27, 2004
Total Topics: 5
Total Comments: 17
Im getting emails with the following.. Seems a spammer is trying to use the admin contact for to SPAM via WSN Links. Is this an ability or is he blowing in the wind. All I need is for my website to be SUSPENED for open relay and spamming.
=============
This form submission is from someone identifying theirself as ''. Send replies to this email address: dxbwxfhmv@automotive-register.com
This is the content of their message, titled 'dxbwxfhmv@automotive-register.com
Content-Type: multipart/mixed; boundary="===============1204851307=="
MIME-Version: 1.0
Subject: 9d3cc1ba
To: dxbwxfhmv@automotive-register.com
bcc: jrubin3546@aol.com
From: dxbwxfhmv@automotive-register.com
This is a multi-part message in MIME format.
--===============1204851307==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
maht
--===============1204851307==--
':
dxbwxfhmv@automotive-register.com
You may use http://www.automotive-register.com/contactreply.php to reply if you wish.
The Automotive Register
http://www.automotive-register.com
developer
Usergroup: Administrator
Joined: Dec 20, 2001
Location: Diamond Springs, California
Total Topics: 61
Total Comments: 7867
The contact form is only capable of sending email to you, so he can spam you as much as he wants (as you can see) but is incapable of changing the recipient address. Looks like he's trying to take advantage of MIME if you happen to have set MIME on, but I don't see any way he could actually use a MIME message body to effectively specify a BCC, and at any rate what he's trying apparently isn't doing it since his MIME headers are being shown as text for you.
They're probably using a script to try every contact form in google.
I should add the security image to the contact form anyhow to stop it from spamming the webmaster.
By the way, I hope dxbwxfhmv isn't your actual email or various spam spiders will sign you up when they encounter this thread (unless you edit it out soon).
Forum Regular
Usergroup: Customer
Joined: Oct 30, 2003
Total Topics: 54
Total Comments: 197
this might be an offtopic, but I hope its relevant.
I noticed there is a contatn form option in the switches - since I'm using my own templates I didn't see any changes when I turned it on. Is it a contact form to contact listing/link owners? I have a niche specific directory (real estate) and sometimes people trying request information through the comments which is not helpful - no back contact info provided. Is there a way to set up such contact form that people actually could communicate with the links owners? Security image would be required too.
Thanks.
developer
Usergroup: Administrator
Joined: Dec 20, 2001
Location: Diamond Springs, California
Total Topics: 61
Total Comments: 7867
It's for letting people contact the site admin.
Member
Usergroup: Customer
Joined: Oct 30, 2004
Total Topics: 18
Total Comments: 47
Actually Gemini
We are getting these Spams too same people.
We are only getting them on our two real estate sites.
I know your site so I'm wondering if they are targetting themes.
The switch off disables the link from the main site but it doesn't disable the contact function. We got scared of being hacked & changed the location of the URL. We thought it was just an attack on our sites.
So even though you switched it off they still have access to the form from search engines.
Paul an image security would be great. I thought it was just us & wanted to try to handle it but I guess this would prevent future overall aggrevasion.
developer
Usergroup: Administrator
Joined: Dec 20, 2001
Location: Diamond Springs, California
Total Topics: 61
Total Comments: 7867
Actually the security image was already added to the contact form in 3.2.6 shortly after that post.
Member
Usergroup: Customer
Joined: Apr 27, 2004
Total Topics: 5
Total Comments: 17
I just removed the contact us option and then renamed the contact page name. Solved the problem for now.
Thanks
developer
Usergroup: Administrator
Joined: Dec 20, 2001
Location: Diamond Springs, California
Total Topics: 61
Total Comments: 7867
I expect an upgrade would've taken no more time, but as you wish.